[patch] changing uid of the server
Michael Scherer
misc at mandriva.org
Thu Sep 20 08:31:39 UTC 2007
Selon Jeremy Lawler <jeremylawler at gmail.com>:
> I think I must be missing something. Jabber doesn't use any low
> numbered ports, so why do you need to change the uid after you start
> it? You can start the server as an unprivileged account and bypass
> the whole "changing UIDs" thing.
Some people may wish to run a jabber server on a low numbered port to bypass
firewall ( like jabber80.com, and I think bypassing a squid proxy by running a
jabber server on port 443 could be useful ). Of course, you could still do it
with some iptables or xinetd trick to redirect port, but then, the same could
apply to apache or anything listening to port < 1024.
There is also some kernel patch that prevent nonroot user from opening server
socket, or stuff like that.
But the main reason I had was the pidfile, in /var/run/. Of course, we could
place it elsewhere, but this would be against FHS I guess. And lowering
permission of /var/run is not a option, imho.
And keeping everything in one file is better than having part of the
configuration in the initscript, and the rest in the configfile.
--
Michael Scherer
More information about the Djabberd
mailing list