找到一篇好文章
https://github.com/nko2/website/blob/master/designs/blog/14-deploying-to-linode.md
Binding to port 80
Take note of the listen call in our app.js:
app.listen(process.env.NODE_ENV === 'production' ? 80 : 8000, function() {
console.log('Ready');
// if run as root, downgrade to the owner of this file
if (process.getuid() === 0)
require('fs').stat(__filename, function(err, stats) {
if (err) return console.log(err)
process.setuid(stats.uid);
});
});
It specifically binds to port 80 when run in production mode and otherwise to port 8000. Because we’re running node under upstart (and therefore as root initially), node has the chance to bind to the privileged port 80. Once it’s bound though, it downgrades its uid to the owner of the app.js file, namely our deploy user. This is much more secure than running your app as the root user.
先使用root绑定, 在绑定成功后, 修改process的uid, 是否只有这一种方法, 不知各位使用的是什么方法?