Re: best way to start and shutdown programs in CentOS?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 11/22/10 10:34 PM, Kill Script wrote:
> On Mon, Nov 22, 2010 at 8:03 PM, John R Pierce <pierce@xxxxxxxxxxxx
> <mailto:pierce@xxxxxxxxxxxx>> wrote:
>
>             su-$ORA_OWNER -c $ORA_HOME/bin/dbstart
>
>     should be
>
>             su - $ORA_OWNER -c $ORA_HOME/bin/dbstart
>
>
> So, for a Java program, would you suggest creating a different user, giving that
> user just enough privileges, and then running the script so that it exited if
> the wrong user tried to use it?
>
> (Just trying to think what's the best long term solution for something like this)

Yes, especially if it runs a network protocol with the possibility of remote 
exploits.  It is an easy way to limit the damage if anything goes wrong.  But, 
the init scripts start as root so they need to su to the right user before 
starting the app.

-- 
   Les Mikesell
    lesmikesell@xxxxxxxxx
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux