Port 0 is a port some operating systems can and do host services on accessible over the Internet.
Also - if there's any MariaDB devs reading this - your default setting making the database listen on port 0 to disable Internet access does not, in fact, disable Internet access of the DB for quite a few thousand systems.
And if you set MariaDB to not have Internet connectivity, it attempts to accomplish this by setting the TCP port to 0. Ostensibly because it's not supposed to be a valid TCP port, except it actually is on thousands and thousands of systems.
So I don't know if the check you're referencing is evaluated when someone sets their instance of MariaDB to "not" be internet accessible.
This is the place where the listening socket is initialized, and you can see that if the port is 0, it doesn't do anything. Are you observing different behavior?
That's not what was said. They said that a firewall rule can redirect traffic coming in on port 0 to a running service even when a service cannot bind directly to port 0.
Binding with port 0 as argument for AF_INET binds a random available port, not port 0. This is documented behavior of Linux and likely every other OS implementing a BSD-style socket interface.
Also note that ufw is just a tiny, non-standard wrapper for the much more powerful nftables/iptables interfaces
Port 0 is a port some operating systems can and do host services on accessible over the Internet.
Also - if there's any MariaDB devs reading this - your default setting making the database listen on port 0 to disable Internet access does not, in fact, disable Internet access of the DB for quite a few thousand systems.