FW: Tomcat before Apache

Fri, 17 Aug 2001 09:37:47 -0700 

FYI... The next one I see on any mailing list suggesting to start tomcat
(any version) from the RC files without changing user id will understand
what it means to be flamed... :-/

    Pier

------ Forwarded Message
From: Pier P. Fumagalli <[EMAIL PROTECTED]>
Organization: Apache Software Foundation
Date: Fri, 17 Aug 2001 17:56:38 +0100
To: <[EMAIL PROTECTED]>
Subject: Re: Tomcat before Apache

Guys. If you wanted to scare the hell out of me, you succeeded... ARE WE
GOING TO SUGGEST TO OUR USERS TO RUN TOMCAT AS ROOT? ARE YOU ALL NUTS?

Ok, it's good code, but I wouldn't trust not even my mother with root access
on my machine... Starting it from the RC scripts will mean that TOMCAT is
called as root....

I'm attaching a little C script that degradates the process to a specified
user before execuing it. To compile do "gcc -O2 safexec.c -o safexec" and to
run, (for example catalina) do:

safexec username $CATALINA_HOME/bin/catalina.sh start

It's written for Solaris, but it should work also on Linux (maybe some
compilation warning of some kind)... DO NOT INSTALL IT W/ SUID PRIVILEGES,
otherwise anyone will be able to break into your machine _easily_... 'K?

Let's try to be a LITTLE BIT security conscious here...

    Pier (in these days turned into a security freak!)

--- This is safexec.c: -----------------------------------------------------

#include <sys/types.h>
#include <unistd.h>
#include <string.h>
#include <errno.h>
#include <stdio.h>
#include <pwd.h>

int main(int argc, char *argv[]) {
    struct passwd *user=NULL;
    char **args=NULL;
    int x;

    if (argc<3) {
        fprintf(stderr, "Usage: %s [user] [command] [...]\n",argv[0]);
        return(1);
    }

    user=getpwnam(argv[1]);

    if (setgid(user->pw_gid)!=0) {
        fprintf(stderr, "%s cannot set requested user/group id\n", argv[0]);
        return(2);
    }

    if (setuid(user->pw_uid)!=0) {
        fprintf(stderr, "%s cannot set requested user/group id\n", argv[0]);
        return(2);
    }

    args=(char **)malloc((argc-1)*sizeof(char *));
    for (x=2; x<argc; x++) args[x-2]=argv[x];
    args[argc-1]=NULL;

    execvp(argv[2], args);
    fprintf(stderr, "%s: %s: %s\n", argv[0], argv[2], strerror(errno));
}

--- End of safexec.c: ------------------------------------------------------

------ End of Forwarded Message

Reply via email to