From c716c1154f350d90d9acaa3e82ad789a6d72e284 Mon Sep 17 00:00:00 2001 From: Thomas Merkel Date: Wed, 5 Dec 2012 10:34:03 +0100 Subject: [PATCH 1/2] drop root privileges in node.js --- setup.js | 8 ++++++++ web.js | 10 +++++++++- 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/setup.js b/setup.js index 210e761..3430faf 100644 --- a/setup.js +++ b/setup.js @@ -1,3 +1,11 @@ +// listen port +exports.port = 80; + +// uid and gid to drop root priv. +exports.uid = 'light'; +exports.gid = 'users'; + +// setup devices exports.setup = { presets: [ { diff --git a/web.js b/web.js index 19b532d..c8b4111 100644 --- a/web.js +++ b/web.js @@ -49,7 +49,15 @@ exports.init = function(dmx) { var app = http.createServer(handler) - app.listen(8080, '::'); + app.listen(setup.port, '::', null, function() { + try { + process.setuid(setup.uid); + process.setgid(setup.gid); + } catch (err) { + console.log(err); + process.exit(1); + } + }); io.listen(app).sockets.on('connection', function (socket) { socket.emit('init', {'devices': dmx.devices, 'setup': dmx.setup}); From d5674c13e300a882fd519dac7e2fb746373babc5 Mon Sep 17 00:00:00 2001 From: Thomas Merkel Date: Wed, 5 Dec 2012 10:42:09 +0100 Subject: [PATCH 2/2] config file for the webserver, allow drop of root priv. --- config.js | 8 ++++++++ dmx.js | 4 +++- setup.js | 8 -------- web.js | 6 +++--- 4 files changed, 14 insertions(+), 12 deletions(-) create mode 100644 config.js diff --git a/config.js b/config.js new file mode 100644 index 0000000..f65981c --- /dev/null +++ b/config.js @@ -0,0 +1,8 @@ +// webserver configuration + +// listen port +exports.port = 80; + +// uid and gid to drop root priv. +exports.uid = 'light'; +exports.gid = 'users'; diff --git a/dmx.js b/dmx.js index 6d2c0ef..0dfbd97 100644 --- a/dmx.js +++ b/dmx.js @@ -1,4 +1,5 @@ var events = require('events') + , config = require('./config.js') , web = require('./web.js') , setup = require('./setup.js').setup , devices = require('./devices.js').devices @@ -7,6 +8,7 @@ var events = require('events') var dmx = new events.EventEmitter(); +dmx.config = config; dmx.setup = setup; dmx.devices = devices; dmx.drivers = {}; @@ -22,4 +24,4 @@ for(var universe in setup.universes) { } -web.init(dmx); \ No newline at end of file +web.init(dmx); diff --git a/setup.js b/setup.js index 3430faf..210e761 100644 --- a/setup.js +++ b/setup.js @@ -1,11 +1,3 @@ -// listen port -exports.port = 80; - -// uid and gid to drop root priv. -exports.uid = 'light'; -exports.gid = 'users'; - -// setup devices exports.setup = { presets: [ { diff --git a/web.js b/web.js index c8b4111..3708eac 100644 --- a/web.js +++ b/web.js @@ -49,10 +49,10 @@ exports.init = function(dmx) { var app = http.createServer(handler) - app.listen(setup.port, '::', null, function() { + app.listen(dmx.config.port, '::', null, function() { try { - process.setuid(setup.uid); - process.setgid(setup.gid); + process.setgid(dmx.config.gid); + process.setuid(dmx.config.uid); } catch (err) { console.log(err); process.exit(1);