Use this Engine Plugin to start your CherryPy site as root (for example, to listen on a privileged port like 80) and then reduce privileges to something more restricted.
This priority of this plugin’s “start” listener is slightly higher than the priority for server.start in order to facilitate the most common use: starting on a low port (which requires root) and then dropping to another user.
DropPrivileges(cherrypy.engine, uid=1000, gid=1000).subscribe()
- class cherrypy.process.plugins.DropPrivileges(bus, umask=None, uid=None, gid=None)¶
Drop privileges. uid/gid arguments not available on Windows.
Special thanks to Gavin Baker
The gid under which to run. Availability: Unix.
The uid under which to run. Availability: Unix.
The default permission mode for newly created files and directories.
Usually expressed in octal format, for example, 0644. Availability: Unix, Windows.