LinuxQuestions.org

Turbocapitalist 12-24-2020 12:11 AM

Privilege separation best practices
 
I have a light meter which has Python3 libraries which seem to require root access. I don't want the whole script to run as root, just the part which reads the light intensity. I wonder what are the established best practices for dealing with that.

Running a script on-demand just to read the meter is very sluggish and introduces a variable but massive amount of latency into the workflow. So I am guessing something needs to be left running. How should other scripts and programs then poll the script which monitors the meter? Sockets? FIFO pipe? Others?

berndbausch 12-24-2020 12:50 AM

Use Apache as an example. One process listening on ports 80 and 443, which must run with root privileges. HTTP requests that it receives are sent to the worker processes, which also run all the time in the background, but under the apache identity.

How the root process communicates with the apache processes is probably not a security question (I don't know, off-hand, how Apache does it). I'd implement whatever communication method is most convenient for your use case and for whatever Python has to offer. A socket-based solution may have the advantage that you could easily port the program to client and server running on several computers.

Turbocapitalist 01-08-2021 09:52 AM

Are there any more recent concise theoretical overviews than Dr Provos' Privilege Separated OpenSSH from 2003? The information there is still valid but I would like to see additional thoughts on the task.

pan64 01-08-2021 10:39 AM

I have no idea what this is, but probably giving permission to the user to the given device will solve this issue. It would be nice to know why it needs root access.
On the other hand, you may try to construct a daemon process which will read that device (as root) and you can use a socket (or an API) to communicate with that daemon.

Turbocapitalist 01-08-2021 10:50 AM

Quote:

Originally Posted by pan64 (Post 6205400)
It would be nice to know why it needs root access.

No idea but the early iterations of these things are often written by hardware bros resentful of coding and they are infamous for disliking layered security or updates. This year I have read enough that I can understand how they ended up with that world view but at the same time hardware is not hardware any more. But I digress.

The specific python3 error is:

"PermissionError: [Errno 13] Permission denied: '/usr/local/lib/python3.7/dist-packages/board.py'"

However, I cannot guess as to what that is about.

Code:

$ dpkg -S $(readlink -f /usr/local/lib/python3.7/dist-packages/board.py)
dpkg-query: no path found matching pattern /usr/local/lib/python3.7/dist-packages/board.py

In the meantime, I will begin with a separate process and communicate with it using sockets.
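One way to build the root daemon plus socket arrangement discussed in this thread, shown as an added example that is not code from any poster: the daemon checks the kernel-reported uid of each client and accepts a single fixed command. The socket path, gid, uid set, the `READ`/`OK` protocol and the `read_lux` stand-in for the sensor library are all assumptions; `SO_PEERCRED` is Linux-specific.

```python
import os
import socket
import struct

SOCK_PATH = "/run/lightmeter.sock"  # hypothetical socket path
CLIENT_GID = 1000                   # hypothetical group allowed to connect
ALLOWED_UIDS = {1000}               # hypothetical uids allowed to read

def read_lux():
    """Stand-in for the root-only sensor library call (assumption)."""
    return 0.0

def peer_uid(conn):
    """Kernel-reported uid of the connecting process (Linux SO_PEERCRED)."""
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, struct.calcsize("3i"))
    return struct.unpack("3i", raw)[1]  # struct ucred is (pid, uid, gid)

def handle(conn, allowed_uids, sensor=read_lux):
    """Answer one request; the only accepted command is b'READ\\n'."""
    if peer_uid(conn) not in allowed_uids:
        conn.sendall(b"ERR denied\n")
        return False
    if conn.recv(16) != b"READ\n":
        conn.sendall(b"ERR bad request\n")
        return False
    conn.sendall(b"OK %.2f\n" % sensor())
    return True

def serve(path=SOCK_PATH, allowed_uids=ALLOWED_UIDS, gid=CLIENT_GID):
    """Run as root: bind, restrict the socket file to one group, serve."""
    if os.path.exists(path):
        os.unlink(path)
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    old_umask = os.umask(0o117)  # socket file is created rw-rw----
    srv.bind(path)
    os.umask(old_umask)
    os.chown(path, 0, gid)
    srv.listen(4)
    while True:
        conn, _ = srv.accept()
        with conn:
            conn.settimeout(2.0)  # a stalled client cannot block the daemon
            try:
                handle(conn, allowed_uids)
            except OSError:
                pass  # timeout or client hung up; keep serving

if __name__ == "__main__":
    serve()
```

The unprivileged scripts connect to the socket, send `READ\n` and parse the `OK <value>` line, so only the small daemon ever holds root.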

pan64 01-08-2021 11:04 AM

board.py was most probably installed by pip, not dpkg. You can check if the file exists and looks like this: https://github.com/tjguk/dojo-board/...aster/board.py
See also here: https://pypi.org/project/board/
Also you need to check the permissions of this file (whether the current user can read it).


All times are GMT -5.