Article delegate-en/5075 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]

Newsgroups: mail-lists.delegate-en

[DeleGate-En] For whom do not want being a super-user for DeleGate
02 Jun 2014 09:07:55 GMT ysato@delegate.org (Yutaka Sato)


Indeed I hate being a super-user to run DeleGate and expect you
also feel like me.  At least it is tiresome to type "sudo" every
time I invoke DeleGate to let it use privileged ports.
You may think you can set the SETUID bit to the executable file of
DeleGate to bypass the work.  But the real problem is that it could
be dangerous to run DeleGate under super-users' right having so
much functionalities that can be dangerous if utilized by attackers.

Therefore by default DeleGate become owned by non-super-user
immediately after finished binding of its entrance ports (specified
as -P21).  The owner can be specified with OWNER="User" parameter
of which default is OWNER="nobody", when invoked by a super-user.
DeleGate changes its process's owner not by effective-user but by
real-user not to leave the ability to become anybody using setuid().

But unfortunately, you can't avoid running DeleGate as super-user
for FTP-DeleGate when it needs repetitive binding to privileged
port for each data connection through its run-time.  Thus
OWNER="root" was not avoidable in the case with old version of
DeleGate.

What I introduced to solve the problem, in DeleGate/8.4.0, was
"dgbind" as an external command just have capability to bind a
socket to a port number under the super-user's right.  It receives
a file descriptor of a socket from DeleGate and bind it to a
specified port.  It uses SETUID bit indeed, but it is far less
dangerous than setting SETUID to the executable of DeleGate.

Again, it is convenient for me to have the ability of binding
out of DeleGate because I do make DeleGate so often, without
doing "sudo" to set SETUID to the executable each time.

See <URL:http://www.delegate.org/delegate/HowToDG.html#subin>
(HowToDG.html) for how to setup dgbind.

Similar to dgbin, there are several dgXXX commands to be searched
under DGROOT/subin and used by DeleGate.  One of them is "dgpam"
which is used to do PAM authentication under privileged user's
right.

I hope you don't be super-user for DeleGate unless in the situation
it is really necessary but I don't know such situation
(except a platform where this device does not work, Solaris).

The latest version of this note is at
<URL:http://www.delegate.org/delegate/subin/>

Cheers,
Yutaka
--
  9 9   Yutaka Sato (CSDP,ITIL-F,OCUP-A,Security+,ISTQB-F)
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V