Saturday, February 21, 2009

Run as a lesser user in order to help security

Some applications that are started by the root user give up their permissions to run as a lesser user in order to help security.

Ex:

The Apache web server must be started by the root user in order to listen to port 80 (only root users can bind to ports lower than 1024), but it then gives up its root permissions and starts all of its threads as a lesser user (typically the user "nobody", "apache", or "www").

Can anyone give more examples of this?



Tim greer

Only ports below 1024 need to bind as the root user originally. You can bind to higher ports as non-privileged users as the parent, but only a privileged user can drop and regain higher privileged uid/gids. Other examples are in many services: Apache, FTP, Named, etc.




maxwell lol

There are many programs that have SETUID to root permission, and drop permissions after authenticating someone, establishing a connection, etc.

X
sudo
sendmail

These commands will list some setuid programs
find /usr -perm -4000 -type f | xargs ls -l

unruh

I think he means that a program is started by root, and then drops root priv. For example programs started up on boot are usually started up by root (/etc/rc.local, /etc/rc?.d, ...) and many then drop root. For example, httpd is NOT suid root. It is run by root, attaches, and then drops priv to apache, or whatever the user is.


Tim greer

Also, for the OP's sake, they should be aware that a program doesn't need to be suid to run as root and drop privs, or regain privs after it's dropped to a non prived user.

The natural philosopher

I've never been able to run with root privs without being started by a root process or having SUID root. So I would be interested to know how you achieve that.


Tim greer

I said (for the OP's sake) that they don't have to be suid, as they might have been confused by the reply, since you only mentioned suid. For their benefit, I stated the programs didn't need to be suid. I'm sure you knew that, so I said it isn't always the case or needed. It does need to run as root somehow, of course, to drop and regain root privs or change uid/gid.




florian diesch

init is neither SUID nor started by a root process
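
Added example, not part of the thread and not Apache's own code: the pattern discussed above, where a daemon started by root binds port 80 and then drops root permanently, checking that root cannot be regained. It assumes Linux and that uid/gid 65534 is the unprivileged "nobody" account; drop_privileges is a name chosen for this example.

```c
#define _DEFAULT_SOURCE           /* setgroups(), seteuid() under strict -std */
#include <arpa/inet.h>
#include <grp.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Permanently switch to uid/gid. Returns 0 only if the drop is verified. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (uid == 0 || gid == 0) return -1;       /* that would not be a drop */
    /* Order matters: groups and gid first, while we are still root. */
    if (setgroups(0, NULL) != 0) return -1;    /* clear supplementary groups */
    if (setgid(gid) != 0) return -1;           /* real, effective, saved gid */
    if (setuid(uid) != 0) return -1;           /* real, effective, saved uid */
    /* Verify: the ids changed and root cannot be regained. */
    if (getuid() != uid || geteuid() != uid) return -1;
    if (getgid() != gid || getegid() != gid) return -1;
    if (setuid(0) == 0 || seteuid(0) == 0) return -1;
    return 0;
}

int main(void)
{
    const uid_t run_uid = 65534;  /* assumption: "nobody" on this system */
    const gid_t run_gid = 65534;  /* assumption: its matching group */
    struct sockaddr_in addr = {0};
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) { perror("socket"); return 1; }

    addr.sin_family = AF_INET;
    addr.sin_addr.s_addr = htonl(INADDR_ANY);
    addr.sin_port = htons(80);    /* below 1024: needs root to bind */
    if (bind(fd, (struct sockaddr *)&addr, sizeof addr) != 0) {
        perror("bind"); return 1;
    }
    if (drop_privileges(run_uid, run_gid) != 0) {
        fprintf(stderr, "could not drop root, refusing to continue\n");
        return 1;
    }
    /* The bound socket stays usable; everything from here is unprivileged. */
    if (listen(fd, 16) != 0) { perror("listen"); return 1; }
    printf("listening on port 80 as uid %d\n", (int)getuid());
    close(fd);
    return 0;
}
```

Because setuid() called by root also replaces the saved set-user-ID, the final setuid(0)/seteuid(0) probe fails after a correct drop; a program that only calls seteuid() keeps the saved ID and can switch back to root.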
