Perhaps part of the problem here is just that too many privileges are
given to system tasks by default. Capability (as in EROS etc) fans would
certainly say so, but I think that even the possibilities available in a
standard Linux system are not being fully utilised.
For instance: a cron job to process man pages does not have to run as
root. If the ownership of the man pages is set to user "man", that job
can be run setuid man. cron itself can run setuid - to something which
only has the privileges to execute those setuid cron scripts.
I think the same could be applied to a lot of system daemons and would
result in a somewhat safer system. How many processes really need to run
with root privileges? Most just need access to a subset of files.
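The privilege-drop pattern the comment describes (a job started by root that switches to an unprivileged account such as "man" before doing its work), as an added example that is not part of the original comment: a small Linux wrapper that resolves the target account, drops to it irreversibly, verifies the drop, then execs the job. The wrapper name `runas`, the `mandb` command line in the usage comment, and the `man` account are assumptions.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Permanently drop to uid/gid: clear supplementary groups, then set real,
 * effective and saved ids so the process cannot switch back. Order matters:
 * groups and gid must change while still privileged, uid last.
 * Returns 0 on success, -1 (errno set) on failure. */
int drop_to(uid_t uid, gid_t gid) {
    if (geteuid() == 0 && setgroups(0, NULL) != 0)  /* only root may call setgroups */
        return -1;
    if (setresgid(gid, gid, gid) != 0) return -1;
    if (setresuid(uid, uid, uid) != 0) return -1;
    return 0;
}

/* Verify the drop really is irreversible: every uid/gid triple must equal the
 * target, and an attempt to become root again must be refused. Returns 1/0. */
int drop_is_complete(uid_t uid, gid_t gid) {
    uid_t r, e, s; gid_t rg, eg, sg;
    if (getresuid(&r, &e, &s) != 0 || getresgid(&rg, &eg, &sg) != 0) return 0;
    if (r != uid || e != uid || s != uid) return 0;
    if (rg != gid || eg != gid || sg != gid) return 0;
    if (uid != 0 && setuid(0) == 0) return 0;   /* regained root: the drop failed */
    return 1;
}

/* Resolve an account name such as "man" to its uid/gid. Returns 0 or -1. */
int lookup_account(const char *name, uid_t *uid, gid_t *gid) {
    struct passwd *pw = getpwnam(name);
    if (pw == NULL || uid == NULL || gid == NULL) return -1;
    *uid = pw->pw_uid; *gid = pw->pw_gid;
    return 0;
}

/* Usage (from a root cron entry, assumed): ./runas man /usr/bin/mandb -q */
int main(int argc, char **argv) {
    uid_t uid; gid_t gid;
    if (argc < 3) { fprintf(stderr, "usage: %s USER CMD [ARGS...]\n", argv[0]); return 2; }
    if (lookup_account(argv[1], &uid, &gid) != 0) { fprintf(stderr, "unknown user %s\n", argv[1]); return 2; }
    if (drop_to(uid, gid) != 0 || !drop_is_complete(uid, gid)) { perror("privilege drop failed"); return 1; }
    execvp(argv[2], &argv[2]);   /* the job now runs with only the target account's rights */
    perror("exec");
    return 1;
}
```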
Copyright © 2018, Eklektix, Inc.