Privilege dropping under Unix

My treehouse webserver is designed to bind to the privileged networking ports 80 and 443 upon startup, to serve HTTP and HTTPS. This essentially means that treehouse needs to be started with root privileges, which it will however drop as soon it has bound (i.e., secured access) to those ports: The process will use its root privileges to modify itself to become less privileged, something that can not be reversed.

This has a number of security benefits. Depending on which user/group ID (uid/gid) is assumed, the amount of files that the process can access is significantly reduced. By default, treehouse will change its process user and group ID to 65534, aka the "nobody" user which typically has the least amount of access on a Unix system.

Now treehouse can in effect only open (and thereby make available to the outside Internet) files that are "world-readable", i.e., that have the permission bit set to be publicly readable.

Here is how to do this in Go:

  package main

  import (

  func main() {
          var uid, gid  = 65534, 65534

          if syscall.Getuid() != 0 {
                  log.Fatalln("Must be run as root")
          // listen on port 80, requires root
          httplistener, err := net.Listen("tcp", ":http")
          if err != nil {

          // drop privileges here
          log.Println("Running as root, dropping privileges")
          if err = syscall.Setgid(gid); err != nil {
                  log.Fatalln("Unable to set GID due to error:", err)
          if err = syscall.Setuid(uid); err != nil {
                  log.Fatalln("Unable to set UID due to error:", err)
          // privileges are dropped, we are no longer root

          // set up http mux
          // ...
          // serve HTTP
          log.Fatalln(http.Serve(httplistener, mux))

Pages linking here