[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: socket-based activation has unmaintainable security?

On Thu, Feb 07, 2013 at 01:35:13AM +0800, Thomas Goirand wrote:
> >>> socket-activation in systemd _helps_ security in that you can give an
> >>> unprivlidged process a listening port under 1024. (using a privileged
> >>> configuration file)
> >> Privileged vs. unprivileged port is not really a secuitry improvement.
> > I think he's referring to allowing processes which require listening to a port
> > under 1024 to run without superuser privileges. I believe our implementation on
> > Debian (e.g. Apache) is to have the process start as root, start listening, and
> > then setuid to an unprivileged user.
> >
> Which would be the wrong way of doing things / wrong reason
> for using root as running user, since you can set the
> CAP_NET_BIND_SERVICE capability... (man capabilities ...)
Do we finally have mechanisms to start processes without root but with
elevated capabilities?


Attachment: signature.asc
Description: Digital signature

Reply to: