[erlang-questions] Is there a way to change the privileges of a working program?

Denis Benoit benoitde@REDACTED
Thu Jun 25 02:28:02 CEST 2009


Claes Wikstrom a écrit :
> Sergey Samokhin wrote:
>> Hello!
>>
>> Often we have to run some kinds of our erlang programs with root
>> privileges, e.g. to allow them to bind a system port (< 1024). It is
>> quite dangerous, because once your web-server has been hacked by a bad
>> guy, the whole system can be affected. I was very impressed to know
>> that some servers drop root priveleges right after port binding.
>>
>> Is there a way which will help me to change the privileges of a
>> running program to the minimum after a system port has been bound?
>>
>> Thanks.
>>
>
> I write on this topic at:
>
>
> http://yaws.hyber.org/privbind.yaws
>
> /klacke
>
> ________________________________________________________________
> erlang-questions mailing list. See http://www.erlang.org/faq.html
> erlang-questions (at) erlang.org
>
>
Another possible solution on Linux would be to use capabilities

http://www.securityfocus.com/infocus/1400

http://sites.google.com/site/fullycapable/

/Denis



More information about the erlang-questions mailing list