[plt-scheme] running web-server on port 80 as non-root?
Right now, the web-server does not support dropping UID after getting its port.
I recommend a port forwarder or the following script:
cat > drop-launch.ss <<END
(module drop-launch mzscheme
  (require (lib "launch.ss" "web-server"))
  (serve)
  ... eli's code ...
  (setuid the-uid)
  (semaphore-wait (make-semaphore)))
END
mzscheme -mvt drop-launch $ARGS
where $ARGS are the same args you give to web-server-text
Jay
On 2/5/06, Eli Barzilay <eli at barzilay.org> wrote:
> On Feb 5, Doug Orleans wrote:
> > I've been running my PLT web server as root, in order to use port
> > 80, on Debian Linux. It occurs to me that maybe I don't want to be
> > doing this... Apache has the "User" directive that does a setuid
> > after binding the listener port. Can MzScheme do setuid?
>
> | root# mzscheme
> | Welcome to MzScheme version 300, Copyright (c) 2004-2005 PLT Scheme Inc.
> | > (require (lib "foreign.ss") (lib "process.ss"))
> | > (unsafe!)
> | > (define setuid (get-ffi-obj "setuid" #f (_fun _int -> _int)))
> | > (system "whoami")
> | root
> | #t
> | > (setuid 500)
> | 0
> | > (system "whoami")
> | eli
> | #t
>
> > Or should I just write a simple port-forwarder? Or, is there a way
> > to tell Debian to allow a non-root user to use port 80?
>
> Another common setup is to use Apache to proxy connections.
>
> --
> ((lambda (x) (x x)) (lambda (x) (x x))) Eli Barzilay:
> http://www.barzilay.org/ Maze is Life!
--
Jay McCarthy <jay at cs.brown.edu>
http://jay.makeoutcity.com/
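
The privilege drop discussed in this thread, written out as an added example (not part of the original messages and not PLT's own code). It uses the same foreign.ss binding style as the quoted session, and additionally clears supplementary groups, sets the GID before the UID, checks every return value, and confirms root cannot be regained. Assumptions: the module name `drop-privs` and the helper names are hypothetical, and `_ulong` and `_pointer` are assumed to be available from foreign.ss in this MzScheme version.

```scheme
;; Added example: full privilege drop for a process started as root.
;; Assumes MzScheme with foreign.ss, as in the quoted session.
(module drop-privs mzscheme
  (require (lib "foreign.ss"))
  (unsafe!)
  (provide drop-privileges!)

  ;; libc bindings, same style as the setuid binding in the thread
  (define setuid  (get-ffi-obj "setuid"  #f (_fun _int -> _int)))
  (define setgid  (get-ffi-obj "setgid"  #f (_fun _int -> _int)))
  (define getuid  (get-ffi-obj "getuid"  #f (_fun -> _int)))
  (define geteuid (get-ffi-obj "geteuid" #f (_fun -> _int)))
  (define getgid  (get-ffi-obj "getgid"  #f (_fun -> _int)))
  (define getegid (get-ffi-obj "getegid" #f (_fun -> _int)))
  ;; int setgroups(size_t n, const gid_t *list); 0 and NULL empty the list
  (define setgroups
    (get-ffi-obj "setgroups" #f (_fun _ulong _pointer -> _int)))

  ;; Abort instead of continuing to serve requests as root.
  (define (must-succeed who rc)
    (unless (zero? rc)
      (error who "returned ~a; refusing to keep running as root" rc)))

  ;; uid and gid: numeric ids of the unprivileged account to run as.
  (define (drop-privileges! uid gid)
    (when (or (zero? uid) (zero? gid))
      (error 'drop-privileges! "target uid/gid must not be 0"))
    ;; Order matters: changing groups and gid requires root,
    ;; so both must happen before setuid gives root away.
    (must-succeed 'setgroups (setgroups 0 #f))
    (must-succeed 'setgid (setgid gid))
    (must-succeed 'setuid (setuid uid))
    ;; The drop must be permanent: asking for root back has to fail.
    (when (zero? (setuid 0))
      (error 'drop-privileges! "root could be regained after the drop"))
    ;; Real and effective ids must all match the target.
    (unless (and (= (getuid) uid) (= (geteuid) uid)
                 (= (getgid) gid) (= (getegid) gid))
      (error 'drop-privileges! "ids do not match the requested uid/gid"))))
```

In the launcher script, `(drop-privileges! uid gid)` would be called right after `(serve)` has bound the port, in place of the bare `(setuid the-uid)`.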