Guys. If you wanted to scare the hell out of me, you succeeded... ARE WE
GOING TO SUGGEST TO OUR USERS TO RUN TOMCAT AS ROOT? ARE YOU ALL NUTS?
Ok, it's good code, but I wouldn't trust even my mother with root access
on my machine... Starting it from the RC scripts will mean that TOMCAT is
called as root....
I'm attaching a little C script that degrades the process to a specified
user before executing it. To compile do "gcc -O2 safexec.c -o safexec" and to
run (for example catalina), do:
safexec username $CATALINA_HOME/bin/catalina.sh start
It's written for Solaris, but it should work also on Linux (maybe some
compilation warning of some kind)... DO NOT INSTALL IT W/ SUID PRIVILEGES,
otherwise anyone will be able to break into your machine _easily_... 'K?
Let's try to be a LITTLE BIT security conscious here...
Pier (in these days turned into a security freak!)
--- This is safexec.c: -----------------------------------------------------
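#include <sys/types.h>
#include <unistd.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <stdio.h>
#include <grp.h>
#include <pwd.h>

int main(int argc, char *argv[]) {
    struct passwd *user=NULL;
    char **args=NULL;
    int x;

    if (argc<3) {
        fprintf(stderr, "Usage: %s [user] [command] [...]\n",argv[0]);
        return(1);
    }

    /* Look up the target account; getpwnam() returns NULL if it is unknown */
    user=getpwnam(argv[1]);
    if (user==NULL) {
        fprintf(stderr, "%s: unknown user %s\n", argv[0], argv[1]);
        return(2);
    }

    /* Replace the caller's supplementary groups with the target user's */
    if (initgroups(user->pw_name, user->pw_gid)!=0) {
        fprintf(stderr, "%s cannot set requested user/group id\n", argv[0]);
        return(2);
    }
    /* Drop the group id first: after setuid() it could no longer be changed */
    if (setgid(user->pw_gid)!=0) {
        fprintf(stderr, "%s cannot set requested user/group id\n", argv[0]);
        return(2);
    }
    if (setuid(user->pw_uid)!=0) {
        fprintf(stderr, "%s cannot set requested user/group id\n", argv[0]);
        return(2);
    }

    /* Build the command's argv: argv[2..argc-1] plus a terminating NULL */
    args=(char **)malloc((argc-1)*sizeof(char *));
    if (args==NULL) {
        fprintf(stderr, "%s: %s\n", argv[0], strerror(errno));
        return(3);
    }
    for (x=2; x<argc; x++) args[x-2]=argv[x];
    args[argc-2]=NULL;

    /* execvp() only returns if the command could not be started */
    execvp(argv[2], args);
    fprintf(stderr, "%s: %s: %s\n", argv[0], argv[2], strerror(errno));
    return(3);
}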
--- End of safexec.c: ------------------------------------------------------
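
The two cautions in the message above (never install the launcher set-uid, and make sure the switch away from root really happened) can be enforced in code. This is an added example, not part of the original post or of safexec.c; the function names started_setid, file_is_setid and drop_is_permanent are made up for illustration.

```c
/* Added example: guards for a privilege-dropping launcher (hypothetical names). */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>
#include <stdlib.h>
#include <stdio.h>

/* 1 if this process was started from a set-uid or set-gid binary
 * (real and effective ids differ), 0 otherwise. */
int started_setid(void) {
    return getuid() != geteuid() || getgid() != getegid();
}

/* 1 if the file at path carries a set-uid or set-gid bit, 0 if not,
 * -1 if it cannot be examined. Useful for auditing an installed copy. */
int file_is_setid(const char *path) {
    struct stat st;
    if (stat(path, &st) != 0) return -1;
    return (st.st_mode & (S_ISUID | S_ISGID)) ? 1 : 0;
}

/* Call after setgid()/setuid(): 1 only if real and effective ids equal
 * the target and an attempt to become root again is refused. */
int drop_is_permanent(uid_t uid, gid_t gid) {
    if (getuid() != uid || geteuid() != uid) return 0;
    if (getgid() != gid || getegid() != gid) return 0;
    if (uid != 0 && setuid(0) == 0) return 0; /* root came back: abort */
    return 1;
}

int main(int argc, char *argv[]) {
    if (started_setid()) {
        fprintf(stderr, "%s: refusing to run set-uid/set-gid\n", argv[0]);
        return 3;
    }
    if (argc > 1) {
        int r = file_is_setid(argv[1]);
        printf("%s: %s\n", argv[1], r < 0 ? "cannot stat" :
               r ? "set-id bit PRESENT" : "no set-id bits");
    }
    /* Nothing is dropped in this demo, so this checks the current ids. */
    printf("ids locked in: %d\n", drop_is_permanent(getuid(), getgid()));
    return 0;
}
```

In a launcher like safexec.c the started_setid() check would go at the top of main() and drop_is_permanent() right before execvp().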