LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 12-16-2006, 06:24 AM   #1
count_D
LQ Newbie
 
Registered: Dec 2006
Location: Germany
Distribution: Slackware 12.0
Posts: 10

Rep: Reputation: 0
location of programs and security


Hello

I just wanted to know if the location of programs does in any way affect the security of my system. Does it make sense to put network related stuff in my homedirectory or is this unnecessary paranoia?
 
Old 12-16-2006, 06:57 AM   #2
live_dont_exist
Member
 
Registered: Aug 2004
Location: India
Distribution: Redhat 9.0,FC3,FC5,FC10
Posts: 257

Rep: Reputation: 30
Why would you want to put network related stuff in your home directory? BTW what do you mean by network related stuff??

Cheers
Arvind
 
Old 12-16-2006, 07:04 AM   #3
count_D
LQ Newbie
 
Registered: Dec 2006
Location: Germany
Distribution: Slackware 12.0
Posts: 10

Original Poster
Rep: Reputation: 0
Things like tor and privoxy. Filesharing programs. Please keep in mind that i'm just a user without a programming background. I just want to know if it makes any difference if i run these programs from my homedirectory and what this diffrence would be.
 
Old 12-17-2006, 12:23 AM   #4
live_dont_exist
Member
 
Registered: Aug 2004
Location: India
Distribution: Redhat 9.0,FC3,FC5,FC10
Posts: 257

Rep: Reputation: 30
No there's no difference wherever you run it from , except that you should be installing software(any software..not just network related) in /opt or any other partition.

Home directory is fine...but it causes confusion incase you run into trouble or need to reorganize. You'd want to have all your software in 1 place so its easy to find.

If you dont have permission to write into /opt then I guess you'll want to create a /home/count_D/software directory and install stuff into that.

Cheers
Arvind
 
Old 12-17-2006, 07:37 AM   #5
count_D
LQ Newbie
 
Registered: Dec 2006
Location: Germany
Distribution: Slackware 12.0
Posts: 10

Original Poster
Rep: Reputation: 0
Thanks for the answer.
 
Old 12-17-2006, 07:57 AM   #6
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,019
Blog Entries: 54

Rep: Reputation: 2766Reputation: 2766Reputation: 2766Reputation: 2766Reputation: 2766Reputation: 2766Reputation: 2766Reputation: 2766Reputation: 2766Reputation: 2766Reputation: 2766
I just wanted to know if the location of programs does in any way affect the security of my system. Does it make sense to put network related stuff in my homedirectory or is this unnecessary paranoia?

Here's my take on it. If a system service (a "daemon" or serving application) is run it becomes a process. The process is started from the root account user and then run under a specific user. The root account allows for instance the process to be bound to a port below 1024, and the transfer to the user account ("drop rights") gives the process limited rights (as in access to system resources). While daemons start out as a root-owned process, they should not continue running as root-owned process. This goes for TOR, Privoxy, SSH, Apache, and all the other daemons. Make sure the service is not configured with insecure settings and network (public) access is restricted using your firewall and the configuration options. To limit rights further the process can be run under SELinux, RBAC or within a "jail" or "chroot".

If you run an application from your own user account it also becomes a process, but since the process is started by your user the process already has limited rights (OK, except setuid stuff, nevermind here). This is the way your run apps from your console or "desktop" like pine, OpenOffice.org and all the other user applications. Network access can be restricted by the systems firewall. Process rights can be limited further if the system runs SELinux or RBAC.

So, in short: the location is not the most important (except for managability and FSSTND or FHS compliance), but how it is configured to run and who runs it. Running a system service (TOR, Privoxy) from your own user account is not necessary if the system is properly configured, and running user applications from the root user account should not happen (at all unless configuring things requires so).
 
Old 12-17-2006, 08:59 AM   #7
introuble
Member
 
Registered: Apr 2004
Distribution: Debian -unstable
Posts: 700

Rep: Reputation: 31
Quote:
I just wanted to know if the location of programs does in any way affect the security of my system
Well.. yes.. if their location is read-only media (Like a CD, or whatever.)
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Newbie: Security and Updating programs almontr Linux - Newbie 4 01-22-2006 04:24 PM
Security Programs gfrair Linux - Newbie 8 09-01-2005 03:15 PM
apache: location in location eantoranz Linux - Networking 2 08-08-2005 09:37 PM
Distros, installing programs and security. fipeso Linux - Newbie 8 04-17-2005 01:44 AM
where is the location of installed programs? in windows there is progam files.. hmm kublador Linux - Newbie 7 03-15-2003 03:09 AM


All times are GMT -5. The time now is 05:42 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration