The root user on Unix systems is a special user who can make system-wide changes and effectively has full control over the machine. If we run an Express application as root and it has a vulnerability that an attacker exploits, the attacker inherits that control and can do a great deal of damage, such as wiping the disk, because the compromised process was never confined in the first place.
Binding a web application to a port below 1024 (such as port 80 or 443) requires root permissions, but root is only needed for the bind itself, not for serving requests. There are several workarounds to the problem, which are as follows:
- Redirect port 80 to another port that does not require superuser permissions (such as port 8000) by using iptables (https://help.ubuntu.com/community/IptablesHowTo)
- Start the application using authbind (http://manpages.ubuntu.com/manpages/hardy/man1/authbind.1.html), a system utility that allows us to run applications that would normally require superuser privileges to bind to low-numbered ports as a non-privileged user
- Drop the root privileges...