This _is_ a great idea and i considered something like it before, the only
problem is that we are deploying on Solaris.
sach
On Tue, 12 Sep 2000, Brian Beaulieu wrote:
> My solution seems to be working so far.
>
> I have Orion running as an arbitrary user bound to port 8000
>
> I'm redirecting with ipchains all requests to port 80 to port 8000 with:
>
> ipchains -A input -p tcp -s 0/0 -d 0/0 80 -j REDIRECT 8000
>
> The logs show the originating host since I'm not masquerading - this is
> obviously very important. I haven't run into a problem yet.. I'll try
> to break it and report here if I do.
>
> Regards,
>
> Brian
>
> Sach Jobb wrote:
> >
> > Thanks guys,
> >
> > This sums up everything pretty well:
> > http://www.orionsupport.com/users.html
> >
> > The root of the problem (pun intended) is here:
> >
> > "Java, however, has no concept of a user, because Java is cross-platform
> > and some platforms don't have any real user (such as Win98, which uses the
> > term "user" very loosely.)"
> >
> > cheers,
> > sach
> >
> > %s/windows/linux/g
> >
> > On Tue, 12 Sep 2000, Brian Beaulieu wrote:
> >
> > > I tried this (had to recompile the library though).
> > >
> > > It says it's running it as user 'nobody' however all processes are
> > > stilled owned by nobody. When I attempt to create a directory '/blah'
> > > (shouldn't be able to), it works. I have to find a way to do this.
> > > I'm going to try running orion on a port > 1024 and do port forwarding
> > > but that might cause some issues with advanced functionality. I'll look
> > > at the JINI library to see if I can find the problem and do some more
> > > debugging. Are there any other solutions out there?
> > >
> > > Regards,
> > >
> > > Brian
> > >
> > > Markus Holmberg wrote:
> > > >
> > > > On Mon, Sep 11, 2000 at 11:11:57AM -0700, Sach Jobb wrote:
> > > > > Has anyone found a way of running Orion on port80 without being root?
> > > > >
> > > > > I'm getting ready to launch a finance based site and i'm quite concerned
> > > > > about security. I've seen messages like this posted before but i have yet
> > > > > to see any kind of resolution. Any ideas?
> > > >
> > > > Changing Orion's uid using JNI:
> > > >
> > > > http://www.orionsupport.com/users.html
> > > >
> > > > Markus
> > > >
> > > > --
> > > >
> > > > Markus Holmberg | Give me Unix or give me a typewriter.
> > > > [EMAIL PROTECTED] | http://www.freebsd.org/
> > >
>
