Ubuntu security with services running from /opt
Posted
by
thejartender
on Ask Ubuntu
See other posts from Ask Ubuntu
or by thejartender
Published on 2012-11-02T11:29:16Z
Indexed on
2012/11/02
23:17 UTC
Read the original article
Hit count: 364
It took me a while to understand what's going on here (I think), but can someone explain to me if there are security risks with regards to my logic of what's going on here as I am trying to set up a home web server as a developer with some good Linux knowledge?
Ubuntu is not like other systems, as it has restricted the root user account. You can not log in as root or su
to root. This was a problem for me as I have had to install numerous applications and services to /opt
as per user documentation (XAMPPfor Linux is a good example). The problem here is that this directory is owned by root:root
. I notice that my admin user account does not belong to root
group through the following command:
groups username
so my understanding is that even though the files and services that I place in /opt
belong to root, executing them by means of sudo
(as required) does not mean that they are run as root? I imagine that the sudo
command is hidden somewhere under belonging to the root
user and has a 775
permission? So the question I have is if running a service like Tomcat, Apcahe, etc exposes my system like on other systems? Obviously I need to secure these in configurations, but isn't the golden rule to never run something as root? What happens if I have multiple services running under same user/group with regards to a compromised server?
© Ask Ubuntu or respective owner