On 18/05/2016 08:08, David Lang wrote: > On Wed, 18 May 2016, John Crispin wrote: > >> Hi, >> >> we had previously started building the infra for running stuff as !root. >> so far we have added >> >> * the userid/gid stuff >> * acl on ubus >> >> things that i know are missing >> >> * handling network ports < 1024 >> >> what am i missing ? can anyone think of other issues we need to address >> before we change uid to !root ? > > what things are you trying to run as !root?
services and daemons obviously > just changing everything to run as user lede (uid 1) instead of root > (uid 0) doesn't actually buy much, especially if user lede is able to > administer things https://xkcd.com/1200/ > > you want to end up running different types of things as different users, > and there the permissions get more 'interesting' thanks for the pointer, that was totally not obvious at all ... > there is a capability you can give to binaries to let them bind to ports > < 1024, there is also a proc setting you can use to let anything bind to > ports < 1024. ok, there had been some discussion about building a super daemon that runs, then ld-preloading bind() and co and using ubus to transport sockets around. using caps or /proc sounds like a good i between until such a daemon exists > > There are various other things that will require capabilities to work > (including some versions of ping and traceroute), but it's a matter of > fixing them as you bump into them. yes, but i'll try those on my journey. > don't try to make everything run as the same !root user, migrate things > one (or at least one category) at a time. thanks for the pointer, that was totally not obvious at all ... John _______________________________________________ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
