Editing files owned by root
Hi, I'm planning to make a server/client program in Java, where the client connects to the server and the server edits files located on the server. What I want to know is, if the files are owned by root, what is the most secure way of editing the files? Should I just run the server as root, or is there a better way of doing it?
Thanks, SiW
The most secure thing to do would be to change the ownership of those files such that your server can read and write to them. This would not only allow the server to run without root privileges, but would allow you to selectively choose which root-owned files can be edited and which cannot.
I wouldn't go as far as changing the ownership of the files unless your application is already rock solid security-wise. The safest way I see to do this is to copy-on-edit the files to a holding tank and require root to approve overwrites. You should use this method at least until your program is stable so that an error in the program doesn't do something catastrophic such as corrupt fstab or shadow or whichever critical file it might be editing.
To allow root to approve the changes, I would create an "approve" script which copies the files from the holding tank to their correct locations while backing up the old versions. This can be run by connecting via ssh remotely if necessary. You should, of course, access the files and check their validity before copying them into place.
ta0kira
PS In general, the only reason a server program should run as root is to start sub-processes under different user IDs. Normally the main process shouldn't access anything using the root user ID. Part of the security policy for the server I am writing specifically states that the server won't interact with the file system ever with a user ID of root.
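The holding-tank approval step described in the post above, as an added example (not code from any poster in this thread). The function name `approve_file` and its four arguments are hypothetical, and limiting approvals to plain file names that already exist at the destination is a choice made for this example.

```shell
#!/bin/sh
# approve_file HOLD DEST BACKUP NAME   (run as root; all names hypothetical)
# Installs HOLD/NAME over the existing DEST/NAME, keeping a timestamped backup.
# Returns 0 when installed, 1 when rejected (a rejected entry is discarded).
approve_file() {
    hold=$1 dest=$2 backup=$3 name=$4
    case "$name" in
        ''|*/*|.|..) echo "reject '$name': plain file names only" >&2; return 1 ;;
    esac
    dst="$dest/$name"
    # Only replace regular files that already exist; never create new ones.
    if [ -L "$dst" ] || [ ! -f "$dst" ]; then
        echo "reject $name: no existing regular file at $dst" >&2; return 1
    fi
    # The holding tank is writable by the unprivileged server, so move the
    # entry into a root-only directory first (a rename does not follow links)
    # and inspect it there, where the server can no longer swap it.
    work=$(mktemp -d) || return 1
    if ! mv "$hold/$name" "$work/staged" 2>/dev/null; then
        rm -rf "$work"; echo "reject $name: nothing staged" >&2; return 1
    fi
    if [ -L "$work/staged" ] || [ ! -f "$work/staged" ] || [ ! -s "$work/staged" ]; then
        rm -rf "$work"; echo "reject $name: not a non-empty regular file" >&2; return 1
    fi
    # Back up the current version, then build the replacement beside the
    # target with the target's owner and mode, and rename it into place.
    bak="$backup/$name.$(date +%Y%m%d%H%M%S)"
    tmp="$dst.new.$$"
    if cp -p "$dst" "$bak" && cp -p "$dst" "$tmp" &&
       cat "$work/staged" > "$tmp" && mv -f "$tmp" "$dst"; then
        rm -rf "$work"; echo "installed $name (backup: $bak)"; return 0
    fi
    rm -f "$tmp"; rm -rf "$work"
    echo "failed to install $name" >&2; return 1
}
```

The checks here are structural only; reviewing the staged content itself before approving remains a manual step.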
Why are they root files?
Are they in /etc or something? I would say avoid being root where possible at all times. Perhaps you could change the file groups and make them writeable for your server's group, or if not, something like, say, a root server process reading a fifo or better a unix socket, so your server gets a copy of the conf file, edits it, writes its path to the fifo and the root process does the rest?
try sudo after login as user