
Re^2: How to answer "Perl is not secure" objections?

by chargrill (Parson)
on Sep 06, 2007 at 22:54 UTC (#637554=note)


in reply to Re: How to answer "Perl is not secure" objections?
in thread How to answer "Perl is not secure" objections?

the application runs with the privileges of the web server. If that is root, you have a problem.

No, you have two problems - the first of which is solved by firing your system administrator.

Red Hat locked apache down by changing to some "nobody/nogroup"

No, apache has done that from (very nearly if not) the start. Various distributions will change the username and/or group, but the net effect is that apache needs to be launched as root to bind to a privileged port (< 1024) and then drops privileges to as unprivileged a user as possible.


--chargrill
s**lil*; $*=join'',sort split q**; s;.*;grr; &&s+(.(.)).+$2$1+; $; = qq-$_-;s,.*,ahc,;$,.=chop for split q,,,reverse;print for($,,$;,$*,$/)
