Re: How Do I Run a Java App with Superuser Privileges?
Re: How Do I Run a Java App with Superuser Privileges?
- Subject: Re: How Do I Run a Java App with Superuser Privileges?
- From: Paul Forgey <email@hidden>
- Date: Mon, 13 Dec 2004 23:23:10 -0800
See MHO answered point by point below:
William C. McCain wrote:
1. Apple lets users run Apache on their Macs, though few non-geek
end-users do so. So why not my app, too?
At risk of misunderstanding your point and going into facts you probably
already know, it's a _system wide_ app running as root (initially,
before dropping to the apache user), and the only process which may bind
to port 80 while it is running. The per-user stuff you see is part of
the apache configuration, and not the result of any daemon listening on
port 80 running directly because of that user. Are you requiring users
not run any other web server if they run your server?
2. My app has been available for some time on the dominant monopolist's
OS, and it runs fine there without any privileges (even on XP SP2).
Yeah. Winsuck lets non-priviledged users do a lot of horrible things.
Because Microsoft lets you do it doesn't mean it's a good idea. You
should see the resulting ms-specific twists on SO_REUSEADDR and related
bizarre behaviors which have been needed to hack around this in a way
that still lets most applications work while reducing the risk of
allowing this. But all that's for another list.
On multi users system, privileged ports are privileged for a reason,
unless you are Windows where any joe user who can log in can subvert the
web server, or any other server, for their own purposes. Windows is
not, nor ever will be, a system where unprivileged interactive access
may be allowed without significant compromise to security. While this
is more or less true for any system, it is especially true for Windows.
3. If I change the port number, I'll have to make it configurable, which
is a real PITA (not that I'm lazy, mind you). Of course, if one of my
users ever DOES want to run both Apache and my app on the same machine,
at least ONE of us will have to be re-configured ...
Or you could let Apache still run.
Why not use Rendezvous? Pick a port automatically and advertise it. If
your app also runs on Windows, you may want to look into Howl which
gives you the same interface on both Windows and Mac-OS. The best way
to listen on a free port is to bind to port 0 and then use getsockname
after the socket is bound to find out which port the kernel atomically
found free and bound the socket to listen on. This doesn't work on all
platforms (it isn't part of the original BSD sockets behavior), but it
does work at least on Linux, Mac-OS and even Windows.
For users that don't want to use Rendezvous or would like to set up
firewall rules, make the listening port an application preference. It
may be a pain to do, but so else is writing software.
4. It's actually rather convenient for my built-in Web server to be
"standard", as it has other uses besides the master/remote interface.
For instance, users (and I) can check my product's "log files" from
their Web browsers on the remote machines. (Yes, I know you can specify
a non-standard port in a URL, but I said this was a "convenience" issue.)
If you use Rendezvous, Safari will list your service automatically in
the bookmarks menu.
You need to find a much better reason to bind to port 80 than to save
users' typing. Are you really the only web server on the machine?
Unless you have convinced IANA that you deserve to be a known port, you
will need to do a combination of automatically finding your own dynamic
port to bind to and letting the user set it.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden