[plt-scheme] running web-server on port 80 as non-root?

From: Jay McCarthy (jay.mccarthy at gmail.com)
Date: Sun Feb 5 13:18:48 EST 2006

Right now, the web-server does not support dropping UID after getting its port.

I recommend a port forwarder or the following script:

cat > drop-launch.ss <<END
(module drop-launch mzscheme
 (require (lib "launch.ss" "web-server"))
 (serve)

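 ;; Eli's FFI binding for setuid(2), from the message quoted below
 (require (lib "foreign.ss"))
 (unsafe!)
 (define setuid (get-ffi-obj "setuid" #f (_fun _int -> _int)))
 ;; placeholder: numeric UID to run as (500 is the UID in Eli's session)
 (define the-uid 500)
 (setuid the-uid)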

 (semaphore-wait (make-semaphore)))
END

mzscheme -mvt drop-launch $ARGS

where $ARGS are the same args you give to web-server-text.

Jay

On 2/5/06, Eli Barzilay <eli at barzilay.org> wrote:
> On Feb  5, Doug Orleans wrote:
> > I've been running my PLT web server as root, in order to use port
> > 80, on Debian Linux.  It occurs to me that maybe I don't want to be
> > doing this...  Apache has the "User" directive that does a setuid
> > after binding the listener port.  Can MzScheme do setuid?
>
> | root# mzscheme
> | Welcome to MzScheme version 300, Copyright (c) 2004-2005 PLT Scheme Inc.
> | > (require (lib "foreign.ss") (lib "process.ss"))
> | > (unsafe!)
> | > (define setuid (get-ffi-obj "setuid" #f (_fun _int -> _int)))
> | > (system "whoami")
> | root
> | #t
> | > (setuid 500)
> | 0
> | > (system "whoami")
> | eli
> | #t
>
> > Or should I just write a simple port-forwarder?  Or, is there a way
> > to tell Debian to allow a non-root user to use port 80?
>
> Another common setup is to use Apache to proxy connections.
>
> --
>           ((lambda (x) (x x)) (lambda (x) (x x)))          Eli Barzilay:
>                   http://www.barzilay.org/                 Maze is Life!


--
Jay McCarthy <jay at cs.brown.edu>
http://jay.makeoutcity.com/


Posted on the users mailing list.