echo framework, downgrade privileges at which moment?

huangapple go评论99阅读模式
英文:

echo framework, downgrade privileges at which moment?

问题

我使用 echo framework 来创建我的 API 服务器。它由 systemd 启动,并且默认需要 root 权限,以便获取低于 1024 的端口。为了安全起见,在 echo framework 获取监听端口之后,我想要降低我的 go 程序的权限

我知道如何降低权限,但是我找不到一个合适的事件/回调函数来实现这个。问题在于,echo.Start()echo.StartAutoTLS() 不会返回。我可以创建一个并行线程,并尝试查找我的 echo 会话的某个状态值,告诉我端口已经打开,但我也找不到这样的状态指示。

我该如何确保在端口被获取后执行一些代码(并确保知道)?

到目前为止,我在服务器创建之前运行一个并行的 go 线程,并等待 5 秒钟进行降级。到目前为止,这个方法可以工作,但是这是一种笨拙的方法,我不喜欢它 echo framework, downgrade privileges at which moment?

英文:

I use echo framework for creation of my API server. It is started by systemd and needs root by default, in order to aquire ports below 1024. For security I like to downgrade privileges of my go program after the listening port has been aquired by echo framework.

I know how to downgrade, but I can not find a suitable event/callback for this? The problem is, that echo.Start() and echo.StartAutoTLS() do not come back. I can create a parallel thread and try to find some status value of my echo session telling me that the port was opened, but I can not find such status indication either.

How can I make sure that I get some code executed after the port is aquired (and know for sure)?

Until now I run a parallel go thread just before server creation and wait 5 seconds to do the downgrade then. It works so far, but this is hacky and I don't like it echo framework, downgrade privileges at which moment?

答案1

得分: 2

你可以使用e.ListenerAddr()来检查端口是否打开。
它会在端口打开之前返回nil。

func degradePrivileges(e *echo.Echo, userName string) { 
	for { 
		adr := e.ListenerAddr() 
		if adr != nil { 
			degradeMe(userName) 
			break 
		} 
		time.Sleep(100 * time.Millisecond) 
	} 
}
英文:

You can use e.ListenerAddr() to check if the port is open.
It will return nil until the port is open.

func degradePrivileges(e *echo.Echo, userName string) { 
	for { adr := e.ListenerAddr() if adr != nil { 
		degradeMe(userName) break 
	} 
	time.Sleep(100 * time.Millisecond) } 
} 

huangapple
  • 本文由 发表于 2021年6月7日 15:08:47
  • 转载请务必保留本文链接:https://go.coder-hub.com/67867325.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定