Hello Jay, and Racketeers. What the original problem is: I want my pure Racket Web Server listens on port 80, and this server allows per-user dynamic content.
As a security problem, no comprehensive solutions exists, it is a big topic of system administration. In real world, the racket web servers work as application server behind apache/nginx is a common sense in which case they can listen on un-privileged port. This is fine, but in a multi-user system, un-privileged port can still be replaced by other non-root users, and run as root does not as unsafe as it sounds like. So l'd like to do it the hard way, although Racket as well as Java cannot take advantages of the user-permission APIs. However, wrap the servlet dispatcher with a security guarder does not work. I have no idea if I misunderstand this feature. Thanks in advance. Links: Apache Security and Solutions https://www.feistyduck.com/library/apache-security/online/apachesc-CHP-6.html -- You received this message because you are subscribed to the Google Groups "Racket Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to racket-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
