Your Thoughts: Securing Custom Daemons

dordal

New Member

Reaction score: 1
Messages: 11

We are writing a daemon that automatically adds and configures user accounts on our FBSD box. The idea is:
1) User signs up on web page; user signup is stored in DB
2) We will have a daemon running on our box that takes those signups and automatically runs adduser, makes a few default folders for them, etc. etc.

Current thinking is to make the daemon run as root. Now we sanitize the hell out of the user data that comes in, but the fact remains that we are still sending user-submitted data to a process running as root. That makes me feel uneasy.

Is there a better way to do this? I think our daemon has to run as root to be able to add users to the system, or am I missing something?
 

anomie

Aspiring Daemon

Reaction score: 120
Messages: 781

As a general recommendation, if you haven't considered doing so already, I would put the whole application in a FreeBSD jail. In the worst case - i.e. your sanitization fails - you will likely be able to contain the nastiness to the jail (instead of overflowing to the entire system).
 

SirDice

Administrator
Staff member
Moderator

Reaction score: 7,870
Messages: 31,137

dordal said:
> 2) We will have a daemon running on our box that takes those signups and automatically runs adduser, makes a few default folders for them, etc. etc.

Don't use adduser for this. Use pw(8). You can also make use of the /usr/share/skel/ directory.
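
An added example, not part of the post above or of anyone's code in this thread: one way the root daemon could turn a signup row into a pw(8) call without a shell ever parsing the submitted values. The username policy, the reserved-name list, the nologin shell and the `-w no` choice are assumptions made for this sketch.

```python
import re
import subprocess

# Assumption: conservative local policy (lowercase first char, 2-16 chars total).
USERNAME_RE = re.compile(r"[a-z][a-z0-9_]{1,15}")
# Assumption: names this daemon must never touch, whatever the database says.
RESERVED = {"root", "toor", "daemon", "operator", "www", "nobody"}
# GECOS text: no ':' (the passwd field separator) and no control characters.
GECOS_RE = re.compile(r"[A-Za-z0-9 .,'_-]{1,64}")


def build_pw_argv(username, fullname):
    """Validate one signup row; return the argv for pw(8) or raise ValueError."""
    # fullmatch() is deliberate: '^...$' with match() would accept "bob\n".
    if not isinstance(username, str) or not USERNAME_RE.fullmatch(username):
        raise ValueError("username rejected by allowlist")
    if username in RESERVED:
        raise ValueError("reserved username")
    if not isinstance(fullname, str) or not GECOS_RE.fullmatch(fullname):
        raise ValueError("full name rejected by allowlist")
    return [
        "/usr/sbin/pw", "useradd", "-n", username,
        "-c", fullname,
        "-m", "-k", "/usr/share/skel",  # create the home dir, populate from skel
        "-s", "/usr/sbin/nologin",      # assumption: signups get no shell
        "-w", "no",                     # login disabled until a password is set
    ]


def create_account(username, fullname):
    """Run pw(8) with an argument vector; the values never reach a shell."""
    subprocess.run(build_pw_argv(username, fullname), check=True, timeout=30)


if __name__ == "__main__":
    # Constructed sample rows: one valid signup, three that must be dropped.
    rows = [("alice", "Alice Example"), ("-o", "x"),
            ("bob\n", "Bob"), ("carol", "C:0:0")]
    for user, name in rows:
        try:
            print("OK  ", build_pw_argv(user, name))
        except ValueError as err:
            print("DROP", repr(user), err)
```

Running the file only prints the argument vectors; `create_account()` is the call that needs root on the FreeBSD host.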
 

vivek

Aspiring Daemon

Reaction score: 194
Messages: 805

We do something like this for our shared hosting customers, and all user FTP, e-mail, Apache dir auth, and subdomain accounts are stored in a MySQL database. No system file is edited at all, no shell access. All daemons are configured to do username/password lookup via the MySQL database. Also, we run all servers in jails on both Linux (VMs) and FreeBSD.
 