Re: unix permissions for 4.0

This WebDNA talk-list message is from

2000

It keeps the original formatting. numero = 29586
interpreted = N
texte = Grant - I believe I sent a long e-mail sometime last year with my suggestions for asecure multiuser WebCatalog (I'll see if I still have it). I suggested that youshould investigate splitting the write daemons from read daemons, then have themspawn on different schedules. The read only daemon would run as nobody andwould hand off any write requests (via IPC or named pipes) to a write daemonwhich would be virtual host specific. This would allow someone to securely hostmany users, allow the files to be owned by each virtual site user. You wouldkeep a pool of read daemons, which would be shared across all sites, and thenspawn a write daemon for append/replace/writefile.You would need to have a virtual host table in RAM which would decide which userwould be used for each directory tree. You will need a good RegEx engine to dothis fast, so you can determine on the fly which heirarchy a given file belongsto. You might even be able to use chroot to lock the daemons into a givendirectory. I don't think it would be very profitable to pre-spawn daemons foreach virtual site.I really would not see any point to simply choose some other user to be thedaemon owner; it would probably come back to bite you on the support end,because people would not chose safe daemon users. There is a very good reasonwhy virtually all daemon processes start as root and switch to a non-priveledgedaccount. The security risks are too great otherwise. Only long-lived processesthat absolutely require root access run as root (or some other priveledgedaccount). HTHJohn Peacock____________________Reply Separator____________________Subject: unix permissions for 4.0 Author: Date: 3/24/00 11:21 AMQuick question for all you unix experts -- would it help you if WebCatalog had a preference for which user it started up as? Right now it starts up as root, then immediately and permanently switches itself to user nobody.We're trying to dig through all the possible side-effects of such a move.Grant Hulbert, Director of Engineering **********************************Smith Micro, Internet Solutions Div | eCommerce (WebCatalog)16855 West Bernardo Drive, #380 | -------------------------San Diego, CA 92127 | Software & Site DevelopmentMain Line: (858) 675-1106 | http://www.smithmicro.com Fax: (858) 675-0372 **********************************#############################################################This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to To switch to the INDEX mode, E-mail to Send administrative queries to Associated Messages, from the most recent to the oldest:

Re: unix permissions for 4.0 (jpeacock@univpress.com 2000)

Grant - I believe I sent a long e-mail sometime last year with my suggestions for asecure multiuser WebCatalog (I'll see if I still have it). I suggested that youshould investigate splitting the write daemons from read daemons, then have themspawn on different schedules. The read only daemon would run as nobody andwould hand off any write requests (via IPC or named pipes) to a write daemonwhich would be virtual host specific. This would allow someone to securely hostmany users, allow the files to be owned by each virtual site user. You wouldkeep a pool of read daemons, which would be shared across all sites, and thenspawn a write daemon for append/replace/writefile.You would need to have a virtual host table in RAM which would decide which userwould be used for each directory tree. You will need a good RegEx engine to dothis fast, so you can determine on the fly which heirarchy a given file belongsto. You might even be able to use chroot to lock the daemons into a givendirectory. I don't think it would be very profitable to pre-spawn daemons foreach virtual site.I really would not see any point to simply choose some other user to be thedaemon owner; it would probably come back to bite you on the support end,because people would not chose safe daemon users. There is a very good reasonwhy virtually all daemon processes start as root and switch to a non-priveledgedaccount. The security risks are too great otherwise. Only long-lived processesthat absolutely require root access run as root (or some other priveledgedaccount). HTHJohn Peacock____________________Reply Separator____________________Subject: unix permissions for 4.0 Author: Date: 3/24/00 11:21 AMQuick question for all you unix experts -- would it help you if WebCatalog had a preference for which user it started up as? Right now it starts up as root, then immediately and permanently switches itself to user nobody.We're trying to dig through all the possible side-effects of such a move.Grant Hulbert, Director of Engineering **********************************Smith Micro, Internet Solutions Div | eCommerce (WebCatalog)16855 West Bernardo Drive, #380 | -------------------------San Diego, CA 92127 | Software & Site DevelopmentMain Line: (858) 675-1106 | http://www.smithmicro.com Fax: (858) 675-0372 **********************************#############################################################This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to To switch to the INDEX mode, E-mail to Send administrative queries to jpeacock@univpress.com

DOWNLOAD WEBDNA NOW!

Re: unix permissions for 4.0

2000

Top Articles:

Related Readings: