[LEDE-DEV] running stuff as !root

John Crispin john at phrozen.org
Tue May 17 23:31:22 PDT 2016



On 18/05/2016 08:09, Daniel Curran-Dickinson wrote:
> On 16-05-18 01:05 AM, John Crispin wrote:
>> Hi,
>>
>> we had previously started building the infra for running stuff as !root.
>> so far we have added
>>
>> * the userid/gid stuff
>> * acl on ubus
>>
>> things that i know are missing
>>
>> * handling network ports < 1024
>>
>> what am i missing ? can anyone think of other issues we need to address
>> before we change uid to !root ?
>>
> 
> Er, do you mean uid of procd or ubus or everything?  I'm not sure we're
> clear on which uid you mean?

ok, my mail that sounded totally obvious to me apparently was hard to
understand.

right now we run $everything as root which is obviously rather daring so
we need to change it to what normal distros do and run stuff as their
own users wherever it makes sense and give those users only the
permissions required.

	John

> _______________________________________________
> Lede-dev mailing list
> Lede-dev at lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/lede-dev
> 



More information about the Lede-dev mailing list