Menu
Is it possible for a Node.JS program that is running as root, to downgrade its authority while it is running? This would be one of the first things it does, and the purpose is of course to limit possible damage it could cause, in the unlikely event that there is a vulnerability, or mis-trusted code that runs in this process.
Alternatively, is there a way for Node.JS process that is running as root, to start a separate process which is non-root? (preferably without adding a layer in between, such as sudo)
718
Try process.setuid (and likewise, process.setgid).
86
Yes, use process.setuid(id) and process.setguid(id) to change the effective user/group id of the current process.
3
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
