[plt-scheme] anyone written a web-server app that drops privileges on Unix?

From: Jay McCarthy (jay.mccarthy at gmail.com)
Date: Tue Feb 16 18:21:50 EST 2010

Portability mainly. I don't know how to do it on Windows.

Jay

On Tue, Feb 16, 2010 at 4:17 PM, Matthias Felleisen
<matthias at ccs.neu.edu> wrote:
>
> Why is this not a construct provided by the server library?
>
>
>
> On Feb 16, 2010, at 6:07 PM, Jay McCarthy wrote:
>
>> It is also very easy to use the ffi to call setuid. Call it after calling
>> serve.
>>
>> Jay
>>
>> On Tue, Feb 16, 2010 at 3:36 PM, YC <yinso.chen at gmail.com> wrote:
>>>
>>> A couple of possible ways that I know of -
>>>
>>> Use an apache mod_proxy as the frontend to web-server
>>> Use iptables to redirect port 80 to another port (say 8080) -
>>>
>>> http://www.groovygrails.de/blog/groovygrails/entry/non_root_tomcat_on_port
>>>
>>> HTH.  Cheers,
>>> yc
>>>
>>> On Tue, Feb 16, 2010 at 2:13 PM, Danny Yoo <dyoo at cs.wpi.edu> wrote:
>>>>
>>>> Hi everyone,
>>>>
>>>> I'm writing a small web servlet using the PLT Scheme web server
>>>> libraries.  The servlet needs to run on port 80, but on Unix systems,
>>>> I need to be root to bind to port 80.  I feel a little nervous when I
>>>> have a long-running, network-accessible service, especially if it runs
>>>> as the superuser.  Does anyone have any suggestions on how to drop
>>>> privileges here?
>>>> _________________________________________________
>>>>  For list-related administrative tasks:
>>>>  http://list.cs.brown.edu/mailman/listinfo/plt-scheme
>>>
>>>
>>> _________________________________________________
>>>  For list-related administrative tasks:
>>>  http://list.cs.brown.edu/mailman/listinfo/plt-scheme
>>>
>>>
>>
>>
>>
>> --
>> Jay McCarthy <jay at cs.byu.edu>
>> Assistant Professor / Brigham Young University
>> http://teammccarthy.org/jay
>>
>> "The glory of God is Intelligence" - D&C 93
>> _________________________________________________
>>  For list-related administrative tasks:
>>  http://list.cs.brown.edu/mailman/listinfo/plt-scheme
>
>



-- 
Jay McCarthy <jay at cs.byu.edu>
Assistant Professor / Brigham Young University
http://teammccarthy.org/jay

"The glory of God is Intelligence" - D&C 93


Posted on the users mailing list.