Skip to content

Instantly share code, notes, and snippets.

@justinmklam
Last active June 21, 2024 19:59
Show Gist options
  • Save justinmklam/f13bb53be9bb15ec182b4877c9e9958d to your computer and use it in GitHub Desktop.
Save justinmklam/f13bb53be9bb15ec182b4877c9e9958d to your computer and use it in GitHub Desktop.
Run a flask app on port 80 without sudo.

Flask apps are bound to port 5000 by default. To bind it to port 80, you would need to change the port as follows:

if __name__ == '__main__':
    app.run(host='0.0.0.0', port=80, debug=True)

And to run it:

# The normal invocation, but with a permission denied error (since port 80 is protected)
python3 app.py

# Works, but dangerous to run python as sudo
sudo python3 app.py

A better option is to us authbind:

sudo apt install authbind

# Configure access to port 80
sudo touch /etc/authbind/byport/80
sudo chmod 777 /etc/authbind/byport/80

And to run the app:

# The deep argument enables port binding permissions for the program being executed, as well as any other child programs spawned from it
authbind --deep python3 app.py
@nhowardmit
Copy link

nhowardmit commented Jul 29, 2022

"sudo chmod 777 /etc/authbind/byport/80"
Is strongly discouraged (it gives far more privileged exposure than necessary)

instead:
"sudo chmod 550 /etc/authbind/byport/80"
"sudo chgrp {groupname} /etc/authbind/byport/80"
"sudo usermod -a -G {groupname} {username}"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment