Stéphane Ducasse wrote:
> "Dedicated web servers such as Apache drop
> their root privileges after startup."
>
> So I was wondering why a SMalltalk VM cannot do the same?
Here is how I managed to do that from a workspace after making a class
LibC according to recent guidelines from Gerardo Richarte on squeak-dev:
from Workspace:
"be sure FFI is installed"
"sudo ln -s /lib/libc-2.3.5.so /usr/local/lib/squeak/3.10-1/libc.so"
"start Swazoo as root"
libc := LibC new.
libc setruid: 1000 euid: 1000 suid: 1000.
"check that user is no more root"
LibC code:
Object subclass: #LibC
instanceVariableNames: ''
classVariableNames: ''
poolDictionaries: ''
category: 'FFI-Unix'
...
setruid: realUid euid: effectiveUid suid: savedUid
<cdecl: long 'setresuid' (long long long) module: 'libc'>
^ self externalCallFailed
...
The only problem is the path to libc library, which must be found linked
manually (see sudo ln..). If VM can be modified to use it more directly...
I hope this help a bit.
Best regards
Janko
--
Janko Mivšek
AIDA/Web
Smalltalk Web Application Server
http://www.aidaweb.si
_______________________________________________
Pharo-project mailing list
Pharo-project@lists.gforge.inria.fr
http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project
