"Pier P. Fumagalli" wrote:
>
> Christopher Cain at [EMAIL PROTECTED] wrote:
> >
> >> I'm attaching a little C script that degrades the process to a specified
> >> user before executing it. To compile do "gcc -O2 safexec.c -o safexec" and to
> >> run, (for example catalina) do:
> >>
> >> safexec username $CATALINA_HOME/bin/catalina.sh start
> >>
> >> It's written for Solaris, but it should work also on Linux (maybe some
> >> compilation warning of some kind)... DO NOT INSTALL IT W/ SUID PRIVILEGES,
> >> otherwise anyone will be able to break into your machine _easily_... 'K?
> >
> > My startup script (Linux) simply does this:
> >
> > daemon --user nobody $CATALINA_HOME/bin/catalina.sh start
>
> This is I believe Bernstein's daemontools?

To be honest, I'm not sure. It's how a lot of the standard init.d scripts
are coded in Linux, so that's how I've also done mine. Whatever it is,
it's installed by default on every Linux distro I've ever used. Perhaps
I could throw a small patch into RUNNING.txt with a one-liner for *nix
users that the above is a safe way to put TC startup in a script file?
Does Solaris include this "daemontools" by default as well?

> > That's one way you can execute commands from a script with the proper
> > user privileges. Another way I've seen is:
> >
> > su -l nobody -c '$CATALINA_HOME/bin/catalina.sh start'
> >
> > That works too, but you usually have to mess around with redirects (by
> > adding, say, "< /dev/null > /dev/null 2>& 1" to the end of that su
> > command).
>
> Yeah... Same thing that my little C thing does. But being paranoid, su is
> installed setuid, so... :) :) :)

Agreed. While the above should technically be secure, you never really
know what the next security flaw will be. The daemon approach is
probably a little more ultimately secure.

> >> Let's try to be a LITTLE BIT security conscious here...
> >>
> >> Pier (in these days turned into a security freak!)
> >
> > =)
> >
> > I usually prefer putting "Paranoid" in front of my "Security Freak"
> > title, but that works too ;-)
>
> If you saw what I'm doing this week, you would surely share my vision of
> "freak" :) It's all week I'm running tripwire, nessus and some other (Sun)
> tools on a cluster of machines... AAARRRGGGHHH :) :) :)

Tripwire rules. Like any solution it is not 100% foolproof (no such
thing), but the possible attacks are fewer than with any other solution
I've ever seen and would be VERY involved.

- Christopher
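
Added example, not part of the original thread and not Pier's safexec.c (which is not reproduced on this page): a minimal sketch of the kind of wrapper discussed above, which starts as root, drops to a named user, confirms the drop cannot be undone, and only then executes the command. The names `dropexec` and `drop_privileges` are hypothetical; like the wrapper in the thread, it is meant to be started by root from an init script and never installed setuid.

```c
/* Added example: drop root to an unprivileged user, then exec a command.
 * Usage (as root, binary NOT setuid): ./dropexec username command [args...] */
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE                     /* for initgroups() on glibc */
#endif
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Permanently switch the calling process to pw's uid/gid.
 * Returns 0 on success, -1 on any failure (the caller must then NOT exec). */
int drop_privileges(const struct passwd *pw)
{
    if (pw == NULL || pw->pw_uid == 0)      /* unknown user, or target is root */
        return -1;
    if (geteuid() != 0)                     /* only root may change identity */
        return -1;
    /* Order matters: groups first, while we still have the right to set them. */
    if (initgroups(pw->pw_name, pw->pw_gid) != 0) return -1;
    if (setgid(pw->pw_gid) != 0) return -1;
    if (setuid(pw->pw_uid) != 0) return -1;
    /* Verify the drop is irreversible: regaining root must fail. */
    if (setuid(0) == 0 || seteuid(0) == 0) return -1;
    if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid ||
        getgid() != pw->pw_gid || getegid() != pw->pw_gid)
        return -1;
    return 0;
}

int main(int argc, char **argv)
{
    if (argc < 3) {
        fprintf(stderr, "usage: %s username command [args...]\n", argv[0]);
        return 2;
    }
    if (drop_privileges(getpwnam(argv[1])) != 0) {
        fprintf(stderr, "%s: cannot drop privileges to '%s'\n", argv[0], argv[1]);
        return 1;
    }
    execvp(argv[2], &argv[2]);
    perror(argv[2]);                        /* reached only if exec failed */
    return 127;
}
```

Every return value is checked because a silently failed `setuid()` would leave the command running as root.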