Skip to content

Instantly share code, notes, and snippets.

@justinmklam

justinmklam/flask-port80-without-sudo.md

Last active November 6, 2023 20:51
Show Gist options
  • Star 27 You must be signed in to star a gist
  • Fork 3 You must be signed in to fork a gist
  • Save justinmklam/f13bb53be9bb15ec182b4877c9e9958d to your computer and use it in GitHub Desktop.
Save justinmklam/f13bb53be9bb15ec182b4877c9e9958d to your computer and use it in GitHub Desktop.
Download ZIP
Run a flask app on port 80 without sudo.
Raw
flask-port80-without-sudo.md

Flask apps are bound to port 5000 by default. To bind it to port 80, you would need to change the port as follows:

if __name__ == '__main__':
    app.run(host='0.0.0.0', port=80, debug=True)

And to run it:

# The normal invocation, but with a permission denied error (since port 80 is protected)
python3 app.py

# Works, but dangerous to run python as sudo
sudo python3 app.py

A better option is to us authbind:

sudo apt install authbind

# Configure access to port 80
sudo touch /etc/authbind/byport/80
sudo chmod 777 /etc/authbind/byport/80

And to run the app:

# The deep argument enables port binding permissions for the program being executed, as well as any other child programs spawned from it
authbind --deep python3 app.py
@nhowardmit
Copy link

nhowardmit commented Jul 29, 2022
edited

"sudo chmod 777 /etc/authbind/byport/80"
Is strongly discouraged (it gives far more privileged exposure than necessary)

instead:
"sudo chmod 550 /etc/authbind/byport/80"
"sudo chgrp {groupname} /etc/authbind/byport/80"
"sudo usermod -a -G {groupname} {username}"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment