#448 closed enhancement (fixed)
Spiffy: allow code to be executed after dropping privileges and before accepting connections
| Reported by: | Mario Domenech Goulart | Owned by: | |
|---|---|---|---|
| Priority: | major | Milestone: | 4.9.0 |
| Component: | extensions | Version: | 4.6.x |
| Keywords: | spiffy | Cc: | |
| Estimated difficulty: |
Description
Currently there is no straight forward way to make Spiffy execute code after it drops privileges and before accepting connections.
One use case for this would be applications which use spiffy as HTTP server (like awful). The awful workflow is:
(read/parse-command-line-options) (load-given-applications) (start-server)
To be able to use privileged ports (e.g., 80), the awful process has to be executed as root, so it can call Spiffy's start-server with enough privileges to listen on privileged ports. The privileges dropping part is also done in start-server. There's no entry point for code to be executed between dropping privileges and accepting connections.
So, in the awful workflow, (load-given-applications) loads applications as root, which is a bad thing.
The solution would be modifying spiffy in a way it calls a procedure after it drops privileges and before it accepts connections. An implementation option would be a parameter and/or a keyword argument for start-server.
Another option would be splitting the implementation of start-server, so that we can separate the privileges dropping part from the connections accepting part. We'd have at least two procedures which could be called by users, possibly with custom code between them. For backward compatibility, start-server could be kept by calling the new procedures in sequence.
Change History (4)
comment:1 Changed 13 years ago by
comment:2 Changed 13 years ago by
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Works like a charm. Thank you.
Please try out trunk Spiffy. If that's acceptable, please close the ticket.
I've documented the new API and added an example on how to use it on the wiki.