On Tue, 10 Dec 2002, Erick Mechler wrote:
> Privsep is just an sshd thing right now.
<snip>
> As for running Apache as the www user, set
> User www
> Group www
<snip>

This is really the long-standing security premise of 'least privilege'.

<soapbox>
The funny thing is, historically, when people first started saying 'Gee,
we shouldn't run everything as root...' everybody started running things
as 'nobody'. (Hey, it's got low privilges!) Of course that essentially
made a nobody (operator, daemon, bin, etc.) compromise as valuable as a
root compromise.
</soapbox>

Now I think we all agree running daemons as unique users is a good and
relatively "common sense" practice... Just make sure you don't start
clumping too many services into any one user. Also, take care to ensure
that the users running your pocesses (should someone gain that privilege
level) cannot read sensitive data owned by other users running critical
services, etc. Mass acceptance of chroot() is making this much simpler,
but can obviously have it's own problems as well.

--
Mike Hoskins		This message is RFC 1855 compliant,
mikeadept.org		www.adept.org/~mike/pub/rfcs/rfc1855.html
To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]