Re: user running apache daemon

From: Brian Hatch (bri_at_ifokr.org)
Date: 11/17/03

    Date: Mon, 17 Nov 2003 10:34:14 -0800
    To: security-discuss@linuxsecurity.com
    
    
    

    > > i was wondering why the first process of apache runs as superuser,
    > > while the others run as nobody, as shown in the excerpt of "ps -aux"
    > > below. is it ok? doesn't it open any security breach?
    >
    > Another poster replied about root. I am going to reply about "nobody".
    >
    > I believe using "nobody" as the User is bad too. The nobody user is the
    > user that should be considered to have no privileges.
    >
    > But it is often abused to run various services and tasks where it creates
    > files (maybe like a locate database or maybe a CGI makes some data file).
    > So now it is not unprivileged because your nobody-running webserver may
    > be able to modify files entirely unrelated.

    ...

    To add to Jeremy's points, with which I totally agree, I'd add/flesh out
    one point.

    Long ago, folks ran unprivileged things as nobody. All unprivileged
    things. This meant that if someone compromised your anonymous ftp
    server that ran as nobody, they had read access to your web documents
    and CGIs (which too frequently contained passwords) and such.

    It makes much more sense to have a dedicated dummy user for each
    service.

    The nobody user should be avoided, as should 'doubling up' on a
    dummy user.

    --
    Brian Hatch                  Does the name
       Systems and                Pavlov ring
       Security Engineer          a bell?
    http://www.ifokr.org/bri/
    Every message PGP signed
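As an added example, not part of Brian's message or of the original thread, here is a small shell check for the two problems he describes: services still running as nobody, and a single dummy user "doubled up" across several services. The process listing it scans is a constructed sample in the shape of `ps -axo user,comm` output; the function names and the sample are my own, not anything from the list.

```shell
#!/bin/sh
# Constructed sample in the shape of 'ps -axo user,comm' output.
# Not taken from the original post; the hosts and processes are made up.
SAMPLE_PS='USER     COMMAND
root     httpd
nobody   httpd
nobody   httpd
nobody   vsftpd
named    named
postfix  master
root     sshd
nobody   updatedb'

# The same listing after giving each service its own dummy user.
CLEAN_PS='USER     COMMAND
root     httpd
www      httpd
ftp      vsftpd
named    named
postfix  master
root     sshd
locate   updatedb'

# Print every non-root user that runs more than one distinct service
# command, i.e. a dummy user that has been "doubled up". root is skipped
# because the parent/child pattern (root master, unprivileged workers)
# is expected and is a separate question.
shared_service_users() {
    printf '%s\n' "$1" \
        | awk 'NR > 1 && $1 != "root" { seen[$1 SUBSEP $2] = 1 }
               END {
                   for (k in seen) { split(k, p, SUBSEP); n[p[1]]++ }
                   for (u in n) if (n[u] > 1) print u
               }' \
        | sort
}

# Print 1 if any process in the listing runs as nobody, else 0.
services_as_nobody() {
    printf '%s\n' "$1" \
        | awk 'NR > 1 && $1 == "nobody" { c++ }
               END { if (c > 0) print 1; else print 0 }'
}

# Usage on a live host (requires a ps that accepts -o):
#   shared_service_users "$(ps -axo user,comm)"
#   services_as_nobody  "$(ps -axo user,comm)"
shared_service_users "$SAMPLE_PS"
services_as_nobody  "$SAMPLE_PS"
```

On the constructed sample the first function reports `nobody` (it runs httpd, vsftpd and updatedb) and the second prints 1; on the cleaned-up listing both are quiet. Once a dedicated account is in place, the follow-up check is file ownership: anything under the web root, the FTP tree or the locate database still owned by nobody is exactly the cross-service read/write access the message warns about.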
    
    



