[systemd-devel] LogsDirectory= permissions
Lennart Poettering
lennart at poettering.net
Thu Apr 21 08:21:37 UTC 2022
On Do, 21.04.22 06:36, Mantas Mikulėnas (grawity at gmail.com) wrote:
> > That said, are you sure you need to run the nginx binary as root? My
> > suspicion is that it would be much nixer if nginx would be fixed to
> > just be able to be invoked unprivileged (or at worst, with some very
> > limited ambient caps, such as CAP_NET_BIND_SERVICE).
> >
>
> Hmm, on the other hand: if nginx starts unprivileged and its log files (and
> TLS certificate files, and config files) are owned by www-data... and your
> webapps (e.g. php-fpm) are also running as www-data (as is very common),
> then an exploitable webapp could do a bit more damage than if the
> certs&logs were only accessible to root, e.g. they could scribble all over
> your past logs now.
>
> I usually don't mind services like httpd or postfix dropping privileges on
> their own because they can be more flexible about it, e.g. use different
> UIDs for different purposes.
Well, things like postfix kinda replicate their own service manager. I
have the suspicion it would be better to just leave that to systemd...
Lennart
--
Lennart Poettering, Berlin
More information about the systemd-devel
mailing list