www-community mailing list archives

From Santiago Gala <sg...@hisitech.com>
Subject Re: WORA Considered Evil ;-)
Date Wed, 02 Jul 2003 15:25:29 GMT
Serge Knystautas wrote:
> Santiago Gala wrote:
>> I think a good equilibrium point between the "marketing" view of 
>> security (making sysadms trust) and purist java technical view would 
>> be to allow James not to have to run as root under Unix (to handle 
>> protected ports like 25, 110, etc.) and then securing the rest of the 
>> processing through java security declarations.
> Since people here know qmail and sendmail a lot better than I do... how 
> do they bind to those ports without running as root?

It is done, AFAIK, by having a small program running as root, which just 
opens the server socket(s) and listens on them. Every time a connection is 
accepted, this driver forks and spawns a different program under lesser 
privileges, passing it the socket as file descriptor. (Don't take this 
as a precise description)

A small auxiliary process (a minimalistic and security-conscious C 
program) doing this and using some kind of IPC to communicate with a 
James+JNI process could do the job in a way that is both portable and 
can be trusted by sysadms. Please correct me if I'm wrong, as I'm not a 
POSIX wizard at all. I don't know how much of this applies to Windows, 
although sandboxing Windows services does not look like a bad idea.

Similar to what Costin and Pier discussed some days ago re: 
communicating Apache with Tomcat, in a thread named "How ASF membership 
works and what it means".

P.S.) ASF membership means you can speak about those difficult issues 
and (some) people will actually listen :-P (For those blunt enough, this 
is a disclaimer)

Santiago Gala
High Sierra Technology, S.L. (http://hisitech.com)
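
The arrangement described in the message above (a small root program opens the socket and hands each accepted connection to a lesser-privileged program as a file descriptor), as an added C sketch; it is not code from qmail, sendmail, James or the original post. The function names, the stand-in worker `/bin/cat` and the ids 65534 are assumptions for illustration.

```c
#include <arpa/inet.h>
#include <fcntl.h>
#include <grp.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

/* Bind and listen. Ports below 1024 need root; this is the only privileged step. */
int open_listener(unsigned short port) {
    struct sockaddr_in a = { .sin_family = AF_INET, .sin_port = htons(port) };
    int on = 1, fd = socket(AF_INET, SOCK_STREAM, 0);   /* sin_addr 0 = any address */
    if (fd < 0) return -1;
    setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof on);
    fcntl(fd, F_SETFD, FD_CLOEXEC);   /* workers must not inherit the listener */
    if (bind(fd, (struct sockaddr *)&a, sizeof a) == 0 && listen(fd, 16) == 0) return fd;
    close(fd);
    return -1;
}

/* Permanently become uid/gid: supplementary groups first, then gid, then uid. */
int drop_privileges(uid_t uid, gid_t gid) {
    if (uid == 0) return -1;   /* refuse to run a worker as root */
    if (geteuid() == 0 && setgroups(0, NULL) != 0) return -1;
    if (setgid(gid) != 0 || setuid(uid) != 0) return -1;
    return setuid(0) == -1 ? 0 : -1;   /* regaining root must fail */
}

/* Fork; the child drops privileges, puts the connection on fd 0/1 and execs. */
pid_t spawn_worker(int conn, uid_t uid, gid_t gid, char *const argv[]) {
    pid_t pid = fork();
    if (pid == 0) {
        if (drop_privileges(uid, gid) != 0) _exit(126);
        if (dup2(conn, 0) < 0 || dup2(conn, 1) < 0) _exit(126);
        if (conn > 1) close(conn);
        execv(argv[0], argv);
        _exit(127);   /* exec failed */
    }
    close(conn);   /* the parent keeps only the listening socket */
    return pid;
}

int main(void) {
    char *worker[] = { "/bin/cat", NULL };   /* stand-in for the real worker */
    int conn, lfd = open_listener(25);       /* succeeds only when started as root */
    while (lfd >= 0 && (conn = accept(lfd, NULL, NULL)) >= 0) {
        spawn_worker(conn, 65534, 65534, worker);   /* assumed unprivileged ids */
        while (waitpid(-1, NULL, WNOHANG) > 0) {}   /* reap finished workers */
    }
    return 1;   /* reached only if bind or accept failed */
}
```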
