[plt-scheme] anyone written a web-server app that drops privileges on Unix?

From: Eli Barzilay (eli at barzilay.org)
Date: Tue Feb 16 21:51:41 EST 2010

On Feb 16, Eli Barzilay wrote:
> On Feb 16, Jay McCarthy wrote:
> > It is also very easy to use the ffi to call setuid. Call it after
> > calling serve.
> 
> Here's an example (which I think is used in Arc):
> 
>   > (require scheme/system)
>   > (system "whoami")
>   root
>   #t
>   > (require scheme/foreign)
>   > (unsafe!)
>   > (define setuid (get-ffi-obj 'setuid #f (_fun _int -> _int)))
>   > (setuid 500)
>   0
>   > (system "whoami")
>   eli
>   #t

(I forgot to add that I think that it's better to forward connections
from port 80 to a port that an unprivileged process listens to, or
proxy through apache or something like that.)

-- 
          ((lambda (x) (x x)) (lambda (x) (x x)))          Eli Barzilay:
                    http://barzilay.org/                   Maze is Life!


Posted on the users mailing list.
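
An added example, not code from this thread: a fuller form of the privilege drop shown in the transcript, which goes beyond the single setuid call by also clearing supplementary groups, setting the gid, checking every return value, and confirming that root cannot be regained. It assumes a Unix libc, a process started as root, the current `ffi/unsafe` library rather than `scheme/foreign`, constructed ids (uid and gid 500), and a plain `tcp-listen` standing in for the web server's bind; `drop-privileges!` and `must-succeed` are hypothetical names.

```racket
#lang racket/base
;; Added example, not from the thread. Assumes a Unix libc and a process
;; started as root; uid/gid 500 are constructed values.
(require ffi/unsafe racket/tcp)

(define libc (ffi-lib #f)) ; symbols already loaded in this process (libc)

(define c-setgroups (get-ffi-obj "setgroups" libc (_fun _size _pointer -> _int)))
(define c-setgid    (get-ffi-obj "setgid"    libc (_fun _uint -> _int)))
(define c-setuid    (get-ffi-obj "setuid"    libc (_fun _uint -> _int)))
(define c-getuid    (get-ffi-obj "getuid"    libc (_fun -> _uint)))
(define c-geteuid   (get-ffi-obj "geteuid"   libc (_fun -> _uint)))
(define c-getgid    (get-ffi-obj "getgid"    libc (_fun -> _uint)))
(define c-getegid   (get-ffi-obj "getegid"   libc (_fun -> _uint)))

;; These libc calls return 0 on success. An ignored failure would leave
;; the server running as root, so any other result is fatal.
(define (must-succeed who rc)
  (unless (zero? rc)
    (error who "call failed; refusing to continue with elevated privileges")))

(define (drop-privileges! uid gid)
  ;; Order matters: groups and gid can only be changed while still root.
  (must-succeed 'setgroups (c-setgroups 0 #f)) ; clear supplementary groups
  (must-succeed 'setgid (c-setgid gid))
  (must-succeed 'setuid (c-setuid uid))
  ;; The drop must be permanent: an attempt to become root again has to fail.
  (when (zero? (c-setuid 0))
    (error 'drop-privileges! "root could be regained after the drop"))
  ;; Real and effective ids must both match the target account.
  (unless (and (= (c-getuid) uid) (= (c-geteuid) uid)
               (= (c-getgid) gid) (= (c-getegid) gid))
    (error 'drop-privileges! "ids do not match the requested account")))

(module+ main
  ;; Bind the privileged port while still root...
  (define listener (tcp-listen 80 4 #t))
  ;; ...then give up root before any client input is read.
  (drop-privileges! 500 500)
  (printf "listening on port 80 as uid ~a\n" (c-getuid))
  (tcp-close listener))
```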