((( [logo]Racket )))Need Help?
AboutDownloadDocumentationPLaneTCommunityLearning

[plt-scheme] anyone written a web-server app that drops privileges on Unix?

From: YC (yinso.chen at gmail.com)
Date: Tue Feb 16 19:57:58 EST 2010		 
I am not aware of a portable way of setuid on Windows, as you need to have
the password of the user in order to switch to that user.  The closest thing
that I came across is http://www.joeware.net/freetools/tools/cpau/index.htm,
which encrypts the credentials so you do not need to enter it everytime.

On Tue, Feb 16, 2010 at 3:24 PM, Matthias Felleisen <matthias at ccs.neu.edu>wrote:

>
> Could anyone help out here?
>
>
>
> On Feb 16, 2010, at 6:21 PM, Jay McCarthy wrote:
>
> Portability mainly. I don't know how to do it on Windows.
>>
>> Jay
>>
>> On Tue, Feb 16, 2010 at 4:17 PM, Matthias Felleisen
>> <matthias at ccs.neu.edu> wrote:
>>
>>>
>>> Why is this not a construct provided by the server library?
>>>
>>>
>>>
>>> On Feb 16, 2010, at 6:07 PM, Jay McCarthy wrote:
>>>
>>> It is also very easy to use the ffi to call setuid. Call it after calling
>>>> serve.
>>>>
>>>> Jay
>>>>
>>>> On Tue, Feb 16, 2010 at 3:36 PM, YC <yinso.chen at gmail.com> wrote:
>>>>
>>>>>
>>>>> A couple of possible ways that I know of -
>>>>>
>>>>> Use an apache mod_proxy as the frontend to web-server
>>>>> Use iptables to redirect port 80 to another port (say 8080) -
>>>>>
>>>>>
>>>>> http://www.groovygrails.de/blog/groovygrails/entry/non_root_tomcat_on_port
>>>>>
>>>>> HTH.  Cheers,
>>>>> yc
>>>>>
>>>>> On Tue, Feb 16, 2010 at 2:13 PM, Danny Yoo <dyoo at cs.wpi.edu> wrote:
>>>>>
>>>>>>
>>>>>> Hi everyone,
>>>>>>
>>>>>> I'm writing a small web servlet using the PLT Scheme web server
>>>>>> libraries.  The servlet needs to run on port 80, but on Unix systems,
>>>>>> I need to be root to bind to port 80.  I feel a little nervous when I
>>>>>> have a long-running, network-accessible service, especially if it runs
>>>>>> as the superuser.  Does anyone have any suggestions on how to drop
>>>>>> privileges here?
>>>>>> _________________________________________________
>>>>>>  For list-related administrative tasks:
>>>>>>  http://list.cs.brown.edu/mailman/listinfo/plt-scheme
>>>>>>
>>>>>
>>>>>
>>>>> _________________________________________________
>>>>>  For list-related administrative tasks:
>>>>>  http://list.cs.brown.edu/mailman/listinfo/plt-scheme
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Jay McCarthy <jay at cs.byu.edu>
>>>> Assistant Professor / Brigham Young University
>>>> http://teammccarthy.org/jay
>>>>
>>>> "The glory of God is Intelligence" - D&C 93
>>>> _________________________________________________
>>>>  For list-related administrative tasks:
>>>>  http://list.cs.brown.edu/mailman/listinfo/plt-scheme
>>>>
>>>
>>>
>>>
>>
>>
>> --
>> Jay McCarthy <jay at cs.byu.edu>
>> Assistant Professor / Brigham Young University
>> http://teammccarthy.org/jay
>>
>> "The glory of God is Intelligence" - D&C 93
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.racket-lang.org/users/archive/attachments/20100216/c9dd579e/attachment.html>
Posted on the users mailing list.