Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
How can I temporarily drop root privileges in Node.js?
I can see process.setuid in the standard library, but without seteuid, it cannot be temporary. Trying to get root privileges again fails.
I don’t think changing privileges in a Node.js program really makes sense because you don’t know when the different IO requests are going to be handled. You might change privilege, submit the IO, change back, and at some point in the future the IO will be performed — presumably under the privileges it runs with at the time.
I could imagine a mechanism to tie the euid, egid, and supplemental groups to specific IO requests, but it would probably be a drastic complication compared to their current design for not much benefit.
An approach you could take would spawn off new processes with
Cluster, change permissions, and then exit the process once you’re finished. You could also have it be long-lived and handle requests over an internal queue, butfork(2)is fast, and hopefully the Node.js shims overfork(2)aren’t too expensive.