Skip to content

Relinquish Process Privileges in Node.js

View on Twitter

💡 Running Node.js as root so you can bind to ports 80/443?

👉🏼 You can relinquish privileges with "process.setuid()" & "process.setguid()" to reduce the damage potential in case of a breach. Do this right after the app starts.

Inside the callback function for server.listen, change process user with process.setuid('nodejs') and process.setguid('nodejs') to relinquish privileges and reduce damage potential in case of a breach.

Download the VPS Security Cheatsheet

Use this FREE security cheatsheet to not miss a step when securing your VPS.

A preview of the VPS Security Cheatsheet.

You'll also get tips on building scalable Node.js applications about twice a month. I respect your email privacy. Unsubscribe any time.

You might also like
Playground Application for JavaScript and Node.js Read tip
Skip to Content Link Read tip
Single (Non-)WWW and HTTPS Redirect in Apache Read tip