LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Program run as root, configfiles writable by 'user' (https://www.linuxquestions.org/questions/linux-newbie-8/program-run-as-root-configfiles-writable-by-user-793417/)

jonaskellens 03-05-2010 09:54 AM

Program run as root, configfiles writable by 'user'
 
If I have a program running as root, can I have the config files as follow :

Code:

-rw------- 1 user user 50310 Mar  5 15:16 configfile.conf
Root will be able to read the config-files, right ??

And only the user 'user' will be able to change the config-files, right ?

smoker 03-05-2010 09:58 AM

Yes, root can do anything.

Be careful though. You don't want users passing malicious commands by putting them in the config file and getting root to execute them.

jonaskellens 03-05-2010 10:09 AM

Tell me if I'm safe :

This 'user' has no shell (/sbin/nologin) and is chrooted with vsftp to the directory that holds the config files.

With a safe FTP-password, am I correct that only I with this 'user' can edit the config files with my FTP-program ??

smoker 03-05-2010 10:14 AM

Yes, as long as no one else uses your ftp program.
As long as no other users can traverse the directory tree into that users directories, then they can't even see it.

But root sees all ;-)


All times are GMT -5. The time now is 11:52 PM.