如何使用非root用户绑定到80端口
发布于 13 年前 作者 guilin 8420 次浏览 最后一次编辑是 8 年前

找到一篇好文章

https://github.com/nko2/website/blob/master/designs/blog/14-deploying-to-linode.md

Binding to port 80

Take note of the listen call in our app.js:

app.listen(process.env.NODE_ENV === 'production' ? 80 : 8000, function() {
  console.log('Ready');

  // if run as root, downgrade to the owner of this file
  if (process.getuid() === 0)
    require('fs').stat(__filename, function(err, stats) {
      if (err) return console.log(err)
      process.setuid(stats.uid);
    });
});

It specifically binds to port 80 when run in production mode and otherwise to port 8000. Because we’re running node under upstart (and therefore as root initially), node has the chance to bind to the privileged port 80. Once it’s bound though, it downgrades its uid to the owner of the app.js file, namely our deploy user. This is much more secure than running your app as the root user.

先使用root绑定, 在绑定成功后, 修改process的uid, 是否只有这一种方法, 不知各位使用的是什么方法?

回到顶部