Is it possible to let run a process without root permissions and let it bind to port 80?
I want to run a webserver on port 80 as www user using launcd.
Any process trying to bind to a port below 1024 must be running as superuser
You could write a script as root that gets the set permission ID bit set to "S" and launch the script as www, though. It would gain superuser access.
I know, but on Linux or BSD, you can use setcap to make it possible to bind to port 80.
Any more concrete info about this?
Or do you mean this?
chmod +S ./myapp
Rather than running your own solution, Mac OS already includes Apache2 and I'd strongly recommend you use the existing Apache server.
Thanks for the input, @MacUser2525 and @hughm123.
Why running my own webserver? Since there is Caddy, a very simple yet powerful webserver written in Go. It allows me to have automatic HTTPS using Let's Encrypt and a bunch of very useful plugins.
I could of course use the built-in Apache server. But once you're used to automated certificate signing and easy config (ok,surely that using OS X server built-in panel is more easy in some cases) you don't want anything else...
I'm already running Caddy on Linux using the setcap command. And I hoped I could do the same on OS X.
According to the getting started guide of the program the default port for it is 2015 there is no law saying any daemon running has to run on the port that you find in listings are reserved for them like 80 for http, it even shows example for 8080 the backup port for http for people running home web servers when their ISP blocks 80. All you need to do is configure it to use a port that you can access like the 8080 then your website would be https://123.456.789.012:8080 since you want that. I think it is 9090 that is the backup port for the https you would want now I think on it having just typed that.
https://caddyserver.com/docs/getting-started
Port 2015 is just an example for a port...
And running it on other ports is not what I intend to do, it's inconvenient for users.
But thanks for all the input.