I prefer to not run as root because even though it drops privileges, it doesn't do things like dosemu well (tries to run as ryan user but use /root/.dosemu directory).
How do you allow MIS to bind to a priviliged port without sudo?
sudo setcap CAP_NET_BIND_SERVICE=+eip /mystic/mis
This permits the /mystic/mis application to bind to privileged ports.
I made a single exception for MIS to run as SUDO without requiring a password: mysticuser ALL = (root) NOPASSWD: /home/mystic/mis
Clever! I wonder which of our methods are better? Which is more secure?
I suppose the "most" secure method would be to run on non-privileged
ports and do some sort of port forwarding, but that's always felt a bit ugly to me. Not sure why *shrug*
I think yours is probably a safer bet as I'm not sure the impact of MIS spawing a mystic shell process as SUDO. It could very well allow the
shell process to execute code as root. I'd hope not. I might have to
test this out.
But when you do "sudo ./mis server" it shouldn't keep privileged access assuming your mis binary is owned by something other than root. It
should immediately bind the port and drop root.
MIS will check itself and try to change ownership to whoever owns the MIS binary file after it binds the port. I don't know if that works when its configured the way you have it though.
|Location:||Beaverton, Oregon, USA|
|Nodes:||16 (0 / 16)|