On Tue, Mar 15, 2011 at 11:09:13PM +0100, Georges Khaznadar wrote:
> Hello Bill,
>
> the override was intended to make a few commands as low privileged
> as possible. Most of the files under the subdirectory /var/lib/wims are
> owner by the system user "wims", which is created for the sake of the
> package wims. Instead of making nobody:nogroup to own these commands,
> I may create another pair of user/group, for instance nowims/nowims and
> use this pair to achieve the same goal.
>
> Do you agree with this possibility?
The issue is not with $lambdawrapper running as nobody:nogroup which is fine.
The issue is that the file is owned by nobody:nogroup.
One solution is to make it suid root and do a setreuid(nobody)/setregid(nogroup)
at startup.
Beside nobody and nogroup are not dynamically allocated UID/GID so it is
improper
to use dpkg-statoverride.
> By the way, please can you give me some link about the problem which
> arises with the usage of nobody/nogroup?
nobody:nogroup are reserved for runtime process priviledge. No files should be
owned
by nobody:nogroup. This way, a process running with the priviledge of
nobody:nogroup
has no special priviledge (it qualifies as 'other' for all files).
If the file $lambdawrapper was owned by nobody:nogroup, then a nobody:nogroup
process
could write to it since it is 6755, thus defeating the prupose of
nobody:nogroup.
For reference see /usr/share/doc/base-passwd/users-and-groups.txt.gz
nobody, nogroup
Daemons that need not own any files sometimes run as user nobody and group
nogroup, although using a dedicated user is far preferable. Thus, no files
on a system should be owned by this user or group.
Cheers,
Bill.
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]