On 20/02/2014, at 7:42 PM, srean wrote:

> > It might be my bias showing. Never quite liked the idea of Felix 
> > installation possibly starting services with root credentials.
> 
> Who said it had root credentials?
> 
> Could you describe what Felix does with sudo root privileges. Does it 
> schedule any services to run?

Felix does nothing. Make install requires sudo at the moment.
It just installs in /usr/local/lib/felix/felix-latest. You cannot do

        sudo make install

at the moment because it also initialises the cache and that
must NOT belong to root (because you couldn't write to it
if it did).

> It has whatever permissions you give it, and goes through whatever
> firewalls you put in place, and it only provides services it's configured
> to provide.
> 
> Say I, an Ubuntu noob, install Felix as root...

You can't. Ubuntu doesn't have a root shell. Try it.
su root doesn't work.

If you say sudo make install then your cache is owned by root
and you can't write to it.

> 
> > That level of trust I would give only to the distribution packager because 
> > it gets audited by several pairs of eyes. I don't want a simple screw up to 
> > lead to /etc/shadow becoming world readable, or even /etc/passwd. Passwords 
> > are encrypted, but in the days of the GPU that doesn't count for much, you 
> > don't have to be NSA to break them.
> 
> http://felix-lang.org/$etc/passwd
> 
> I believe it is running as you.

No it isn't. It has a special account. Uses this:

        privbind -u felixweb /usr/local/lib/felix/felix-latest/host/bin/flx_web --port=80 --root=/usr/local/lib/felix/felix-latest

which starts it as user felixweb.

> So on any linux system Felix will by default make /etc/passwd accessible over 
> port 80. This is BAD.

No it won't. The default port is 1234.

> 
> It gives the whole wide world the same read privileges as someone who has an 
> account on the machine.

It gives the whole world the same privileges as whoever started it, conditional
on the webserver being able to do something. The webserver can attempt to read
any file on the filesystem.

> Not every Felix user would know about the risks that they are exposing 
> themselves to, or would be a qualified sysadmin capable of locking down 
> outside access.

Not my problem. The webserver isn't started by magic. The user has to start it.

> Read permissions of big bad world should be < account holder's read 
> permissions

That's a logical absurdity.

--
john skaller
skal...@users.sourceforge.net
http://felix-lang.org




_______________________________________________
Felix-language mailing list
Felix-language@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/felix-language
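
Added example, not Felix's code and not part of the original message: one way a web server started with a `--root` directory could confine every request to that directory, so that what remote clients can read is a subset of what the serving account can read. The function name `resolve_under_root` and the directory layout are hypothetical, and the tree is constructed in a temporary directory.

```python
import os
import tempfile


def resolve_under_root(root, url_path):
    """Map a URL path to a real path under root; return None if it escapes."""
    if "\x00" in url_path:
        return None  # embedded NUL is never a legitimate file name
    root_real = os.path.realpath(root)
    # Treat the URL path as relative: "/etc/passwd" means <root>/etc/passwd.
    joined = os.path.join(root_real, url_path.lstrip("/"))
    # realpath collapses ".." and follows symlinks before the check is made.
    candidate = os.path.realpath(joined)
    if os.path.commonpath([root_real, candidate]) != root_real:
        return None
    return candidate


def demo():
    """Return {request: stays_inside_root} for a constructed directory tree."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "felix-root")      # stand-in for --root
        os.makedirs(os.path.join(root, "share"))
        outside = os.path.join(tmp, "passwd")       # file outside the root
        inside = os.path.join(root, "share", "index.html")
        for path in (outside, inside):
            with open(path, "w") as handle:
                handle.write("constructed sample\n")
        # A symlink inside the root that points outside it.
        os.symlink(outside, os.path.join(root, "share", "link"))
        requests = [
            "/share/index.html",  # ordinary file under root
            "/../passwd",         # dot-dot traversal
            "/share/link",        # symlink escape
            "/$etc/passwd",       # here "$etc" is only a name under root
        ]
        return {r: resolve_under_root(root, r) is not None for r in requests}


if __name__ == "__main__":
    for request, allowed in demo().items():
        print(f"{request:20} {'serve from root' if allowed else 'reject'}")
```

A request that stays inside the root may still name a file that does not exist; the check only decides where the server is allowed to look. It complements running the server under a dedicated account such as `felixweb`.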
