Commit ea80d43f authored by Matt Behrens

document setuid() support, I have had a few questions on this...

parent a61264dd
ZServer 'setuid()' support
ZServer (Zope's server) supports 'setuid()' on POSIX systems in order to
be able to listen on low ports such as 21 (FTP) and 80 (HTTP) but drop
root privileges when running; on most POSIX systems only the 'root' user
can do this. Versions of Zope prior to 2.6 had less robust versions
of this support. Several problems were corrected for the 2.6 release.
The most important thing to remember about this support is that you
don't *have* to start ZServer as root unless you want to listen for
requests on low ports. In fact, if you don't have this need, you are
much better off just starting ZServer as a user account dedicated to
running Zope. 'nobody' is not a good idea for this user account;
see below.
If you do need to have ZServer listening on low ports, you will need to
start 'z2.py' as the 'root' user, and also specify what user ZServer
should 'setuid()' to. Do this by specifying the '-u' option followed
by a username or UID, either in the 'start' script or on the 'z2.py'
command line. The default used to be 'nobody'; however if any other
daemon on a system that ran as 'nobody' was compromised, this would
have opened up your Zope object data to compromise.
You must also make sure the var directory is owned by root, and that
it has the sticky bit set. This is done by the command 'chmod o+t
var' on most systems. When the sticky bit is set on a directory,
anyone can write files, but nobody can delete others' files in order
to rewrite them. This is necessary to keep others from overwriting
the PID file, tricking root into killing processes when 'stop' is run.
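Review bot: The var directory paragraph (the 'chmod o+t var' step) states that with the sticky bit set "anyone can write files", which only holds if the directory is also writable by those users; the text asks for root ownership and the sticky bit but never says what write permission the '-u' account needs on var. Suggest stating the write permission the dedicated account requires alongside the sticky bit, and showing one sample 'z2.py' invocation with '-u', since the option is described but never demonstrated.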
...@@ -825,7 +825,8 @@ try: ...@@ -825,7 +825,8 @@ try:
raise SystemExit, 'initgroups is required to safely setuid' raise SystemExit, 'initgroups is required to safely setuid'
if UID == None: if UID == None:
raise SystemExit, ('A user was not specified to setuid ' raise SystemExit, ('A user was not specified to setuid '
'to; fix this to start as root') 'to; fix this to start as root (see '
'doc/SETUID.txt)')
import stat import stat
client_home_stat = os.stat(CLIENT_HOME) client_home_stat = os.stat(CLIENT_HOME)
client_home_faults = [] client_home_faults = []
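Review bot: The new "(see doc/SETUID.txt)" pointer in the 'A user was not specified to setuid to' message is a relative path, and the message does not say what it is relative to, so someone starting z2.py from another working directory has no way to tell where the file lives. Suggest wording it as relative to the Zope distribution directory. The context line 'if UID == None:' in the same block would also read better as 'if UID is None:'.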
...@@ -834,7 +835,8 @@ try: ...@@ -834,7 +835,8 @@ try:
if client_home_stat[stat.ST_UID] != 0: if client_home_stat[stat.ST_UID] != 0:
client_home_faults.append('is not owned by root') client_home_faults.append('is not owned by root')
if client_home_faults: if client_home_faults:
client_home_faults.append('fix this to start as root.') client_home_faults.append('fix this to start as root (see '
'doc/SETUID.txt)')
err = '%s %s' % (CLIENT_HOME, ', '.join(client_home_faults)) err = '%s %s' % (CLIENT_HOME, ', '.join(client_home_faults))
raise SystemExit, err raise SystemExit, err
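Review bot: In the 'if client_home_faults:' branch the remediation hint is appended to the same list as the faults, so the ', '.join output presents "fix this to start as root (see doc/SETUID.txt)" as if it were one more fault, separated from the real ones only by a comma. Suggest joining just the faults and appending the hint to 'err' separately, for example after a '; ', so the message reads as a list of problems followed by the action to take.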