[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Lower Process Capabilities



On Sunday 26 July 2009 08:54:26 pm Steve Grubb wrote:
> > I trust you meant to write 0555?
>
> No, I really mean 005 so that root daemons are using public permissions.
> Admins of course have DAC_OVERRIDE and can do anything. Try the script in a
> VM and tell me if there are any problems you see.

I should elaborate more. The issue is that sometimes there are secrets that 
root admins have access to that should not be available to semi-trusted 
daemons. For example, any private keys in /root or /etc. You do not want any 
daemon that could be compromised to have access to these. So, its safest just 
to set the permissions to 0005 so that they have no access to /root.

I expect a few corner cases, but other than /etc/resolve.conf I don't know of 
any problems.

-Steve


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]