<br><br><div class="gmail_quote">On Fri, Dec 9, 2011 at 5:36 PM, Jordan Schatz <span dir="ltr"><<a href="mailto:jordan@noionlabs.com">jordan@noionlabs.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
What is considered the best way to run a web server as non-root and<br>
accept connections on port 80?<br>
<br>
I believe Apache handles it by being started as root, binding to the<br>
port, and then dropping privileges. I don't think that the racket web<br>
server knows to drop any privileges?<br></blockquote><div><br></div><div>Since you start the Web server via a function call in Racket program, your program can just as easily call 'setuid' after starting the server.</div>
<div><br></div><div>I don't like to start it as root at all. I prefer to start a high port and install a firewall redirect as you mention.</div><div><br></div><div>Jay</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<br>
I'm guessing that common practice is to use iptables to redirect to a<br>
high numbered port? What about iptables lack of support for IPv6 NAT? are<br>
there any commonly used work arounds?<br>
<br>
Thanks,<br>
Jordan<br>
_________________________________________________<br>
For list-related administrative tasks:<br>
<a href="http://lists.racket-lang.org/listinfo/users" target="_blank">http://lists.racket-lang.org/listinfo/users</a><br>
</blockquote></div><br><br clear="all"><div><br></div>-- <br>Jay McCarthy <<a href="mailto:jay@cs.byu.edu" target="_blank">jay@cs.byu.edu</a>><br>Assistant Professor / Brigham Young University<br><a href="http://faculty.cs.byu.edu/~jay" target="_blank">http://faculty.cs.byu.edu/~jay</a><br>
<br>"The glory of God is Intelligence" - D&C 93<br>