> I was rereading our excellent forthcoming Seaside book :) *lol*
> And Lukas wrote
>
> "To listen on port 80, the standard port used by the HTTP protocol, the
> web server needs to run as root. Running a public service as root is
> a huge security issue. Dedicated web servers such as Apache drop
> their root privileges after startup. This allows them to listen to port
> 80 while not being root. Unfortunately this is not something that can
> be easily done from within the Smalltalk VM."
>
> And I was wondering what is the exact problem?

Unix blocks ports 1 - 1024 for non-root users.

Running a Smalltalk image as root is obviously a very bad idea, especially when used for web services. Smalltalk is full of security holes (for example, Object class>>#readFrom: uses the compiler) that would allow a smart person to gain root rights.

It is always a good idea to run anything that is publicly reachable in some sort of a sandbox, even if this is just by using a non-privileged user.

Cheers,
Lukas

--
Lukas Renggli
http://www.lukas-renggli.ch
