[plt-scheme] anyone written a web-server app that drops privileges on Unix?
It is also very easy to use the ffi to call setuid. Call it after calling serve.
Jay
On Tue, Feb 16, 2010 at 3:36 PM, YC <yinso.chen at gmail.com> wrote:
> A couple of possible ways that I know of -
>
> Use an apache mod_proxy as the frontend to web-server
> Use iptables to redirect port 80 to another port (say 8080) -
> http://www.groovygrails.de/blog/groovygrails/entry/non_root_tomcat_on_port
>
> HTH. Cheers,
> yc
>
> On Tue, Feb 16, 2010 at 2:13 PM, Danny Yoo <dyoo at cs.wpi.edu> wrote:
>>
>> Hi everyone,
>>
>> I'm writing a small web servlet using the PLT Scheme web server
>> libraries. The servlet needs to run on port 80, but on Unix systems,
>> I need to be root to bind to port 80. I feel a little nervous when I
>> have a long-running, network-accessible service, especially if it runs
>> as the superuser. Does anyone have any suggestions on how to drop
>> privileges here?
>> _________________________________________________
>> For list-related administrative tasks:
>> http://list.cs.brown.edu/mailman/listinfo/plt-scheme
>
>
> _________________________________________________
> For list-related administrative tasks:
> http://list.cs.brown.edu/mailman/listinfo/plt-scheme
>
>
--
Jay McCarthy <jay at cs.byu.edu>
Assistant Professor / Brigham Young University
http://teammccarthy.org/jay
"The glory of God is Intelligence" - D&C 93
![[logo]](/logo.png){kind=logo}