[hunchentoot-devel] unix setuid
Ben Hyde
bhyde at pobox.com
Tue Mar 18 19:38:03 UTC 2008
On Mar 18, 2008, at 1:50 PM, Dr. Helmut G. Enders wrote:
> I'm using ht with debian sbcl / clc.
>
> Currently the s-bit is set to start sbcl as root,
> for using port 80.
One approach to this problem is write a very small C program that.
1. listens on the port
2. records listener's file description into an environment variable(s)
3. execs a command given it's remaining arguments.
Combined with other tools found in daemontools you can then drop
rights, switch users, etc. and finally invoke the actual Lisp
process. This plays well with jails etc.
The C program is easier to write, at least easier than the bit that
converts the file handle into something useful for your Lisp process.
- ben
More information about the Tbnl-devel
mailing list