[LEDE-DEV] running stuff as !root

John Crispin john at phrozen.org
Tue May 17 23:29:38 PDT 2016



On 18/05/2016 08:08, David Lang wrote:
> On Wed, 18 May 2016, John Crispin wrote:
> 
>> Hi,
>>
>> we had previously started building the infra for running stuff as !root.
>> so far we have added
>>
>> * the userid/gid stuff
>> * acl on ubus
>>
>> things that i know are missing
>>
>> * handling network ports < 1024
>>
>> what am i missing ? can anyone think of other issues we need to address
>> before we change uid to !root ?
> 
> what things are you trying to run as !root?

services and daemons obviously

> just changing everything to run as user lede (uid 1) instead of root
> (uid 0) doesn't actually buy much, especially if user lede is able to
> administer things https://xkcd.com/1200/
>
> you want to end up running different types of things as different users,
> and there the permissions get more 'interesting'

thanks for the pointer, that was totally not obvious at all ...

> there is a capability you can give to binaries to let them bind to ports
> < 1024, there is also a proc setting you can use to let anything bind to
> ports < 1024.

ok, there had been some discussion about building a super daemon that
runs, then ld-preloading bind() and co and using ubus to transport
sockets around. using caps or /proc sounds like a good in-between until
such a daemon exists

> 
> There are various other things that will require capabilities to work
> (including some versions of ping and traceroute), but it's a matter of
> fixing them as you bump into them.

yes, but i'll try those on my journey.

> don't try to make everything run as the same !root user, migrate things
> one (or at least one category) at a time.

thanks for the pointer, that was totally not obvious at all ...

	John
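
Added example, not part of the original message or of the LEDE code base: a small C audit helper for the two mechanisms mentioned in the thread. It reads the effective capability mask from a `/proc/<pid>/status` text and decides whether that process may bind a given port. The sample status excerpts, daemon names and uids are constructed, and the sysctl `net.ipv4.ip_unprivileged_port_start` is assumed to be the proc setting meant (it exists on Linux 4.11 and later).

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define CAP_NET_BIND_SERVICE_BIT 10 /* from <linux/capability.h> */

/* Constructed /proc/<pid>/status excerpts; daemon names and uids are made up. */
static const char SAMPLE_WITH_CAP[] =
    "Name:\tdnsd\nUid:\t453\t453\t453\t453\nCapEff:\t0000000000000400\n";
static const char SAMPLE_NO_CAP[] =
    "Name:\thttpd\nUid:\t454\t454\t454\t454\nCapEff:\t0000000000000000\n";

/* Parse the CapEff hex bitmask. CapEff is never the first line of a status
 * file, so the match is anchored on the preceding newline. 0 on success. */
int parse_cap_eff(const char *status, unsigned long long *mask)
{
    const char *p = strstr(status, "\nCapEff:");
    if (!p) return -1;
    p += 8;
    while (*p == '\t' || *p == ' ') p++;
    if (!isxdigit((unsigned char)*p)) return -1;
    *mask = strtoull(p, NULL, 16);
    return 0;
}

/* 1 = bind allowed, 0 = EACCES expected, -1 = no usable CapEff line. The uid is
 * not consulted: root with the bit dropped is refused too. unpriv_start is the
 * value of /proc/sys/net/ipv4/ip_unprivileged_port_start (default 1024). */
int can_bind_port(const char *status, unsigned port, unsigned unpriv_start)
{
    unsigned long long eff;
    if (port == 0 || port >= unpriv_start)
        return 1; /* ephemeral or unprivileged port: no capability needed */
    if (parse_cap_eff(status, &eff) != 0)
        return -1;
    return (int)((eff >> CAP_NET_BIND_SERVICE_BIT) & 1ULL);
}

int main(void)
{
    static char buf[8192]; /* zero-initialised, so an unreadable file yields -1 */
    FILE *f = fopen("/proc/self/status", "r");
    if (f) { buf[fread(buf, 1, sizeof buf - 1, f)] = '\0'; fclose(f); }
    printf("self:53=%d with_cap:53=%d no_cap:53=%d\n", can_bind_port(buf, 53, 1024),
           can_bind_port(SAMPLE_WITH_CAP, 53, 1024), can_bind_port(SAMPLE_NO_CAP, 53, 1024));
    return 0;
}
```

A mask of exactly `0x400` is the target state for a daemon that only needs a low port: lowering the sysctl instead opens those ports to every local user.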


