undefined | Better HN

0 pointsdependenttypes6y ago0 comments

> An unprivileged user shouldn't be able to take down a production system

How about deleting everything under /var/www/?

0 comments

3 comments · 1 top-level

parliament326y ago· 2 in thread

An unprivileged user can't do that. /var/www/ will be owned either by root, or (by default on debian, depends on your distro) www-data. Your unprivileged user can't modify other users' files, that's the entire point of unix permissions.

dependenttypesOP6y ago

Given

> >Plus, there's still a lot of damage you can do without root access.

> That's not really true. An unprivileged user

We can see that "unprivileged user" equals to anything that is not root in your post. Considering that definition www-data is an unprivileged user which can delete everything under /var/www/.

So no, what you are saying is not really true.

parliament326y ago

But www-data doesn't get a login shell, so it can't[1].

Obviously a user can modify their own files. The idea is if you compromise unprivileged user "scott", with their account, you can't harm other users or the system itself.

[1]easily. Technically it depends, but a hardened configuration would only give www-data permissions to read files its data files in /var/www, not write them (which includes delete), apart from things it actually needs to write like its app logs (and even then you should be using syslog facilities, which only let you write, again not delete or cause any issues). Principal of least privilege and all that. For fun, try to figure out how to ssh into your system as www-data and see the half dozen different roadblocks that come up in your way.

j / k navigate · click thread line to collapse