LinuxQuestions.org


SiW 07-28-2007 09:01 PM

Editing files owned by root
 
Hi, I'm planning to make a server/client program in Java, where the client connects to the server and the server edits files located on the server. What I want to know is, if the files are owned by root, what is the most secure way of editing the files? Should I just run the server as root, or is there a better way of doing it?

Thanks,
SiW

zhangmaike 07-28-2007 09:50 PM

The most secure thing to do would be to change the ownership of those files such that your server can read and write to them. This would not only allow the server to run without root privileges, but would allow you to selectively choose which root-owned files can be edited and which cannot.

ta0kira 07-29-2007 12:14 PM

I wouldn't go as far as changing the ownership of the files unless your application is already rock solid security-wise. The safest way I see to do this is to copy-on-edit the files to a holding tank and require root to approve overwrites. You should use this method at least until your program is stable so that an error in the program doesn't do something catastrophic such as corrupt fstab or shadow or whichever critical file it might be editing.

To allow root to approve the changes, I would create an "approve" script which copies the files from the holding tank to their correct locations while backing up the old versions. This can be run by connecting via ssh remotely if necessary. You should, of course, access the files and check their validity before copying them into place.
ta0kira

PS In general, the only reason a server program should run as root is to start sub-processes under different user IDs. Normally the main process shouldn't access anything using the root user ID. Part of the security policy for the server I am writing specifically states that the server won't interact with the file system ever with a user ID of root.
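The approve step described in ta0kira's post above, sketched as an added example that is not part of the thread. The `HOLD`, `DEST_ROOT`, `BACKUP` and `ALLOW` locations, the allowlist itself and the non-empty validity rule are assumptions for illustration:

```shell
# Added example, not from the thread: approve step for a holding tank.
# Assumed caller-set locations (hypothetical names):
#   HOLD       where the unprivileged server writes edited copies
#   DEST_ROOT  root of the real files ("/" in production)
#   BACKUP     root-only directory for old versions
#   ALLOW      file listing the relative paths that may be replaced
# Usage, as root: approve_one etc/app.conf   (0 = installed, 1 = rejected)
approve_one() {
    rel=$1
    staged="$HOLD/$rel"
    target="$DEST_ROOT/$rel"
    new="$target.approve.$$"
    flat=$(printf '%s' "$rel" | tr '/' '_')
    stamp=$(date +%Y%m%d%H%M%S)

    # Only paths root has listed; exact whole-line match.
    if ! grep -Fxq -- "$rel" "$ALLOW"; then
        echo "reject $rel: not on allowlist" >&2; return 1
    fi
    # Staged copy must be a regular file, not a symlink planted in HOLD.
    if [ -L "$staged" ] || [ ! -f "$staged" ]; then
        echo "reject $rel: staged copy is not a regular file" >&2; return 1
    fi
    # Replace existing regular files only; never create new ones as root.
    if [ -L "$target" ] || [ ! -f "$target" ]; then
        echo "reject $rel: target is not an existing regular file" >&2; return 1
    fi

    # Snapshot the staged content into a file next to the target. Starting
    # from a copy of the old file keeps its mode (and owner, when run as root).
    if ! cp -p "$target" "$new" || ! cat "$staged" > "$new"; then
        rm -f "$new"; return 1
    fi
    # Validity check on the snapshot that will be installed. Placeholder
    # rule: non-empty. A per-file syntax check belongs here.
    if [ ! -s "$new" ]; then
        rm -f "$new"; echo "reject $rel: empty file" >&2; return 1
    fi

    # Back up the old version, then rename into place (atomic on one filesystem).
    if ! cp -p "$target" "$BACKUP/$flat.$stamp"; then
        rm -f "$new"; return 1
    fi
    mv -f "$new" "$target" && rm -f "$staged"
}
```

The symlink test on the staged copy is racy if the server can still write to `HOLD` while the script runs, so stop the server or lock the directory first.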

bigearsbilly 07-31-2007 09:55 AM

Why are they root files?

Are they in /etc or something?

I would say avoid being root where possible at all times.
Perhaps you could change the file groups and make them writable for your server's group.

Or if not, something like, say, a root server process reading a FIFO or, better, a Unix socket, so your server gets a copy of the conf file, edits it, writes its path to the FIFO and the root process does the rest?

sudevank 07-31-2007 10:00 AM

Try sudo after logging in as a user.

taylor_venable 07-31-2007 01:36 PM

Quote:

Originally Posted by bigearsbilly
Or if not, something like, say, a root server process reading a FIFO or, better, a Unix socket, so your server gets a copy of the conf file, edits it, writes its path to the FIFO and the root process does the rest?

That sounds like a good idea, but your server must then authenticate itself to the root process. That's not hard, but it is an extra step. I'd opt for using group privileges on the files if these things are to be written often. (Although if that were the case, the question "why aren't they owned by the user the server is running as" is begged.)

