Special

Introducing the “Welcome to Xojo” Bundle!

New to Xojo and looking for guidance? We've put together a terrific bundle to welcome you! Xojo Bundle

This bundle includes six back issues of the magazine -- all of year 16 in printed book and digital formats -- plus a one-year subscription (beginning with 17.1) so you'll be learning all about Xojo for the next year. It's the perfect way to get started programming with Xojo. And you save as much as $35 over the non-bundle price!

This offer is only available for a limited time as supplies are limited, so hurry today and order this special bundle before the offer goes away!

Article Preview


Buy Now

Issue 4.3

FEATURE

Networking 401

Issue: 4.3 (January/February 2006)
Author: Aaron Ballman
Author Bio: Aaron is currently employed by REAL Software and does anything you ask him to do (so long as you ask nicely). He likes to fish, bowl, and in his spare time he recently started learning about networking.
Article Description: No description available.
Article Length (in bytes): 19,273
Starting Page Number: 25
Article Number: 4311
Related Link(s): None

Excerpt of article text...

In previous articles, we discussed a lot of the background with the TCP and UDP protocols. Additionally, we discussed the APIs that you can use when dealing with these two protocols. In this article, we're going to delve into a lot more networking theory. Everything from why things behave the way they do, to speeding up your networking code, and beyond!

Port security

You may have noticed by now that on some OSes, you cannot listen on a port less than 1024. This is a security feature that is present on some systems so that only the super-user can listen on well-known ports. The thought process behind this is so that you can't have a malicious application listening on port 80 then doing something nasty (either to the remote machine or the local machine). So which systems is this an issue on? OS X and Linux are security oriented; on those systems you need to have special permissions (called root permissions) to be able to bind to ports below 1024. Currently shipping versions of Windows (as well as Mac Classic) are not as security-minded and so they will let you listen on well-known ports without issue. This may not always be the case for future versions of Windows, so you shouldn't be relying on that behavior. Basically, always assume that you have to do something special in order to listen on well-known ports.

So what should you do so that you can listen on these ports? There are obviously some very good reasons for you to want to write an application that listens on a standard port, such as wanting to write a web server. Well, you can require the user to run your application with root permissions, but that's a hassle to require your user to do that, and it poses major security concerns. So the recommended way is to have your application authenticate itself when it needs to gain permissions to be able to bind to the well-known port. How this authentication works is platform dependant. For example, on OS X you can use the Security Framework to authorize your application. On Linux, you can use the setuid function to gain or drop privileges as needed.

More on security

...End of Excerpt. Please purchase the magazine to read the full article.