running as root

Discussion in 'General' started by porjo, Feb 22, 2007.

  1. porjo

    porjo New Member


    I notice that by default the ISPconfig cron jobs are installed into root's crontab. Also, there are a couple of processes spawned that run as root user e.g. ispconfig_wconf, cronolog

    I'm a little nervous that this could have the potential to allow my machine to be pwn3d at some point due to some back door exploit being discovered in one of the Internet facing scripts or services.

    Wouldn't it be better to have these run as a non-root user or am I just being paranoid?

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Only the jobs are run as root that require root permissions. You cant administer a server without root priveliges. "normal" users can not add other users, restart services etc.

    You cant run them as other user because this wont work. Thats why ISPConfig is splitted in 2 parts, the interface that communicates with the user and runs the webserver on port 81 is run under a unpriveliged user (admispconfig) and only the scripts that absolutely need root permissions are run by root. These scripts are completely separated from the interface.
  3. porjo

    porjo New Member

    Thanks Till for the quick reply.

    I wondered if perhaps there might be a way for some malicious code to be written somewhere on the system by the admispconfig user, then later executed by the root user via one of the privileged scripts or services?
  4. falko

    falko Super Moderator ISPConfig Developer

    I don't think so. The backend (which is run as root) doesn't take any commands from admispconfig. All admispconfig can do is write the file /home/admispconfig/ispconfig/.run which would then make the backend start and rewrite the configuration if there have been changes in the web interface. But that's the only point where the back- and the frontend are connected.
  5. porjo

    porjo New Member

    OK, thanks for the clarification.

Share This Page