in reply to Re: Privilege reduction with start_server / plackup
in thread Privilege reduction with start_server / plackup

You are probably right. It is surprising that Miyagawa didn't incorporate something like this already and it makes me wonder what everyone else does when using Twiggy. Do they just run it as root and not care about the security aspects? Do they hide it on a high port behind a reverse proxy? Or do they offer it publicly but on a non-standard high port?

Thanks for thinking of and sharing this approach.

  • Comment on Re^2: Privilege reduction with start_server / plackup

Replies are listed 'Best First'.
Re^3: Privilege reduction with start_server / plackup
by kikuchiyo (Hermit) on Apr 17, 2020 at 10:10 UTC

    Do they hide it on a high port behind a reverse proxy?

    At $WORK, we do that, plus the Twiggy server itself is containerized.

[reply]

In Section Seekers of Perl Wisdom