英文:
echo framework, downgrade privileges at which moment?
问题
我使用 echo framework 来创建我的 API 服务器。它由 systemd 启动,并且默认需要 root 权限,以便获取低于 1024 的端口。为了安全起见,在 echo framework 获取监听端口之后,我想要降低我的 go 程序的权限。
我知道如何降低权限,但是我找不到一个合适的事件/回调函数来实现这个。问题在于,echo.Start()
和 echo.StartAutoTLS()
不会返回。我可以创建一个并行线程,并尝试查找我的 echo 会话的某个状态值,告诉我端口已经打开,但我也找不到这样的状态指示。
我该如何确保在端口被获取后执行一些代码(并确保知道)?
到目前为止,我在服务器创建之前运行一个并行的 go 线程,并等待 5 秒钟进行降级。到目前为止,这个方法可以工作,但是这是一种笨拙的方法,我不喜欢它
英文:
I use echo framework for creation of my API server. It is started by systemd and needs root by default, in order to aquire ports below 1024. For security I like to downgrade privileges of my go program after the listening port has been aquired by echo framework.
I know how to downgrade, but I can not find a suitable event/callback for this? The problem is, that echo.Start()
and echo.StartAutoTLS()
do not come back. I can create a parallel thread and try to find some status value of my echo session telling me that the port was opened, but I can not find such status indication either.
How can I make sure that I get some code executed after the port is aquired (and know for sure)?
Until now I run a parallel go thread just before server creation and wait 5 seconds to do the downgrade then. It works so far, but this is hacky and I don't like it
答案1
得分: 2
你可以使用e.ListenerAddr()来检查端口是否打开。
它会在端口打开之前返回nil。
func degradePrivileges(e *echo.Echo, userName string) {
for {
adr := e.ListenerAddr()
if adr != nil {
degradeMe(userName)
break
}
time.Sleep(100 * time.Millisecond)
}
}
英文:
You can use e.ListenerAddr() to check if the port is open.
It will return nil until the port is open.
func degradePrivileges(e *echo.Echo, userName string) {
for { adr := e.ListenerAddr() if adr != nil {
degradeMe(userName) break
}
time.Sleep(100 * time.Millisecond) }
}
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论