Charles Williams <ch...@itadmins.net> writes:

> However, I still have 1 problem. This package controls entire clusters
> (corosync, pacemaker, et al) and thus is designed with directory rights
> of 0700 for user hacluster (user used to run corosync). The problem is
> that 0700 directories are against policy in /usr/share. However,
> lighttpd is the delivery agent for the package and such apps (phpmyadmin
> and other web gui's) are usually installed in /usr/share. If I set the
> directories at 755 then there is the possibility that any service/script
> could execute files in the directory and thus control the cluster.

Er, why could anyone executing the scripts be able to control the cluster?
That implies that there are authentication credentials embedded in the
scripts, which is a bad design. The authentication credentials should be
moved out of the programs and into either /etc (if the local administrator
is supposed to maintain them) or /var/lib (if the package handles them
automatically), protected with the appropriate permissions there, and then
loaded at run time.

> I had considered moving it all to /var/lib but that doesn't seem to be
> correct to me. Is there a better location for the install where I can
> actually set 0700 permissions?

Anywhere you set 0700 permissions you'll need to override Lintian to tell
it that they're intentional, but that's fine for directories containing
authentication credentials.

-- 
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
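The layout recommended in the reply, as an added example that is not part of the original thread or of the package under discussion: the scripts stay world-readable in /usr/share, and a loader reads the credentials at run time from a private directory, refusing to proceed if the directory or file is accessible to group or other. The `KEY=VALUE` file format, the function names and the sample values are assumptions made for illustration.

```python
import os
import stat
import tempfile

class InsecureCredentials(Exception):
    """Raised when the credentials file or its directory is too permissive."""

def _check_private(path, st, want_dir):
    kind_ok = stat.S_ISDIR(st.st_mode) if want_dir else stat.S_ISREG(st.st_mode)
    if not kind_ok:
        raise InsecureCredentials(f"{path}: unexpected file type")
    if st.st_uid != os.geteuid():
        raise InsecureCredentials(f"{path}: not owned by the service user")
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise InsecureCredentials(f"{path}: accessible by group or other")

def load_credentials(path):
    """Return {key: value} from a KEY=VALUE file, refusing loose permissions."""
    directory = os.path.dirname(os.path.abspath(path))
    _check_private(directory, os.stat(directory), want_dir=True)  # expect 0700
    # O_NOFOLLOW: do not follow a symlink planted at the final path component.
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)
    with os.fdopen(fd, "r", encoding="utf-8") as fh:
        # fstat the open descriptor so the check and the read see the same file.
        _check_private(path, os.fstat(fd), want_dir=False)
        creds = {}
        for line in fh:
            line = line.strip()
            if line and not line.startswith("#"):
                key, _, value = line.partition("=")
                creds[key.strip()] = value.strip()
    return creds

def demo():
    """Constructed sample: a 0700 directory holding a 0600 credentials file."""
    with tempfile.TemporaryDirectory() as d:  # mkdtemp creates the directory 0700
        path = os.path.join(d, "credentials")
        with open(path, "w", encoding="utf-8") as fh:
            fh.write("user=hacluster\npassword=example-only\n")
        os.chmod(path, 0o600)
        ok = load_credentials(path)
        os.chmod(path, 0o644)  # simulate a packaging mistake
        try:
            load_credentials(path)
        except InsecureCredentials:
            return ok, True
        return ok, False
```

With this split, only the credentials directory under /etc or /var/lib needs the 0700 mode and the matching Lintian override; nothing in /usr/share has to deviate from policy.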