[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Package install location for 0700 Directories

Charles Williams <chuck@itadmins.net> writes:

> However, I still have 1 problem. This package controls entire clusters
> (corosync, pacemaker, et al) and thus is designed with directory rights
> of 0700 for user hacluster (user used to run corosync). The problem is
> that 0700 directories are against policy in /usr/share. However,
> lighttpd is the delivery agent for the package and such apps (phpmyadmin
> and other web gui's) are usually installed in /usr/share. If I set the
> directories at 755 then there is the possibility that any service/script
> could execute files in the directory and thus control the cluster.

Er, why could anyone executing the scripts be able to control the cluster?
That implies that there are authentication credentials embedded in the
scripts, which is a bad design.

The authentication credentials should be moved out of the programs and
into either /etc (if the local administrator is supposed to maintain them)
or /var/lib (if the package handles them automatically), protected with
the appropriate permissions there, and then loaded at run time.

> I had considered moving it all to /var/lib but that doesn't seem to be
> correct to me. Is there a better location for the install where I can
> actually set 0700 permissions?

Anywhere you set 0700 permissions you'll need to override Lintian to tell
it that they're intentional, but that's fine for directories containing
authentication credentials.

Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to: