
Re: [cobalt-security] about cd .. command can change home directory up to root server



Hi John,

> More importantly, though, in my opinion, setting /etc to be readable only
> by root is one heck of a bad idea.

Not really. The big benefit of it is that only user root can start and stop 
processes. Also, all configuration data would be hidden for normal users. 

This does *not* mean that those processes have to run as user root(!). You 
can daemonize each launched process to run under a different username and 
group by just launching them with (example for bind, taken from my 
/etc/rc.d/init.d/named script:) "daemon named -u named -g named".

That works for every process. The "-u" specifies the username to run under, 
while "-g" specifies the group.

On a SuSE Linux fresh out of the box this is the case for instance and I 
would wonder if a regular RedHat wouldn't do it the same way, or at least in 
a similar fashion.

Then again, I think the reason for the sloppy rights of /etc is that when 
Cobalt brought the RaQs out they targeted a market which has next to no 
Linux knowledge. So that's why they most likely introduced the user "admin" 
which can cause some havoc, but hardly can break the box unless he does 
something really outrageously dumb. However, to give admin some rights, but 
not all, the file permissions for /etc had to be applied that way.

-- 

With best regards,

Michael Stauber
SOLARSPEED.NET
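
Added example, not part of the original message: a check of whether a daemon started from a root-only init script has actually given up root, using the four real/effective/saved-set/filesystem IDs on the `Uid:` and `Gid:` lines of Linux `/proc/<pid>/status`. The function names and the three sample process entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit privilege drop from /proc/<pid>/status (Linux).
# Uid:/Gid: lines list four IDs: real, effective, saved-set, filesystem.

priv_state() {   # $1 = path to a status file
    awk '
        BEGIN { total = 0; zero = 0 }
        $1 == "Uid:" || $1 == "Gid:" {
            for (i = 2; i <= 5; i++) { total++; if ($i == 0) zero++ }
        }
        END {
            if (total != 8)      print "unknown"   # malformed or truncated file
            else if (zero == 8)  print "root"      # never dropped anything
            else if (zero > 0)   print "partial"   # some ID is still 0
            else                 print "dropped"   # no root IDs left
        }' "$1"
}

audit() {   # $1 = proc-style directory; prints "<pid> <name> <state>" per process
    for f in "$1"/[0-9]*/status; do
        [ -r "$f" ] || continue        # process may have exited mid-scan
        pid=${f%/status}; pid=${pid##*/}
        name=$(awk '$1 == "Name:" { print $2; exit }' "$f")
        echo "$pid $name $(priv_state "$f")"
    done
}

make_sample() {   # $1 = target dir; writes constructed status files
    d=$1
    for spec in "101 named 25 25 25 25" \
                "102 httpd 0 0 0 0" \
                "103 ftpd 0 99 0 99"; do
        set -- $spec                   # pid name real eff saved fs
        mkdir -p "$d/$1"
        printf 'Name:\t%s\nUid:\t%s\t%s\t%s\t%s\nGid:\t%s\t%s\t%s\t%s\n' \
            "$2" "$3" "$4" "$5" "$6" "$3" "$4" "$5" "$6" > "$d/$1/status"
    done
}

# Demo on the constructed sample; on a live host run: audit /proc
tmp=$(mktemp -d)
make_sample "$tmp"
audit "$tmp"
rm -rf "$tmp"
```

A "partial" result is the case worth chasing: a process whose effective ID is unprivileged but whose real or saved-set ID is still 0 can switch back to root.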