<br><br><div class="gmail_quote">On Fri, Dec 9, 2011 at 5:36 PM, Jordan Schatz <span dir="ltr"><<a href="mailto:jordan@noionlabs.com">jordan@noionlabs.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"> What is considered the best way to run a web server as non-root and<br> accept connections on port 80?<br> <br> I believe Apache handles it by being started as root, binding to the<br> port, and then dropping privileges. I don't think that the racket web<br> server knows to drop any privileges?<br></blockquote><div><br></div><div>Since you start the Web server via a function call in Racket program, your program can just as easily call 'setuid' after starting the server.</div> <div><br></div><div>I don't like to start it as root at all. I prefer to start a high port and install a firewall redirect as you mention.</div><div><br></div><div>Jay</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"> <br> I'm guessing that common practice is to use iptables to redirect to a<br> high numbered port? What about iptables lack of support for IPv6 NAT? are<br> there any commonly used work arounds?<br> <br> Thanks,<br> Jordan<br> _________________________________________________<br> For list-related administrative tasks:<br> <a href="http://lists.racket-lang.org/listinfo/users" target="_blank">http://lists.racket-lang.org/listinfo/users</a><br> </blockquote></div><br><br clear="all"><div><br></div>-- <br>Jay McCarthy <<a href="mailto:jay@cs.byu.edu" target="_blank">jay@cs.byu.edu</a>><br>Assistant Professor / Brigham Young University<br><a href="http://faculty.cs.byu.edu/~jay" target="_blank">http://faculty.cs.byu.edu/~jay</a><br> <br>"The glory of God is Intelligence" - D&C 93<br>