Subj : Re: Nightmares / Dreams
To : 2twisty
From : Gamgee
Date : Sat Apr 02 2022 15:29:00

-=> 2twisty wrote to Gamgee <=-

 Ga> user/group that the BBS runs as. This allows the BBS to open the ports
 Ga> (because of the 'sudo'), but then immediately fall back to running as a
 Ga> normal user. Synchronet can also be compiled with the 'setcap' command

 2t> If you launch anything with SUDO as root, you have to TRUST that
 2t> the software drops back.

Yep, and I do. I also have verified that with tools such as 'ps' and
'htop', and the BBS logs themselves.

 2t> Has that code been audited?

It's open source, and I trust the author. So yes.

 2t> I would still worry that since the binary is started as root,
 2t> there is a path (albeit maybe VERY difficult) to crash the app,
 2t> corrupt RAM and execute arbitrary code.

I don't worry about that, not even a little bit.

 2t> I prefer to launch all externally accessible stuff as unpriv
 2t> users if at all possible.

Well, as a general rule, yes. And it is possible with the software
being discussed, as referenced above with the 'setcap' command.

 2t> So I'd go for the recompile or just run with port >1024.

I recompile it frequently, as it is under continuous (daily)
development. Also the author is extremely accessible and often fixes
bugs or adds features on-the-spot (literally) as it's discussed in the
IRC channel where he is an active participant.

.... Toto, I don't think we're in DOS any more...
=== MultiMail/Linux v0.52
--- SBBSecho 3.15-Linux
 * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (21:2/138)
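
The privilege-drop verification discussed in the message above, as an added example that is not part of the original post and is not Synchronet code: a default 'ps' listing shows only the effective user, so this check reads the real, effective, saved and filesystem IDs plus the capability sets from Linux /proc/<pid>/status. The sample status texts, the process name and uid 1001 are constructed for illustration.

```python
# Added example: audit a Linux /proc/<pid>/status for leftover root privilege.
CAP_NET_BIND_SERVICE = 1 << 10  # capability bit 10: bind ports below 1024

# Constructed sample: daemon bound its ports as root, then dropped completely.
SAMPLE_DROPPED = (
    "Name:\tbbs-daemon\nUid:\t1001\t1001\t1001\t1001\n"
    "Gid:\t1001\t1001\t1001\t1001\nGroups:\t1001\n"
    "CapPrm:\t0000000000000000\nCapEff:\t0000000000000000\n"
)
# Constructed sample: effective uid changed, but the saved set-user-ID is
# still 0, so the process could still switch back to root.
SAMPLE_INCOMPLETE = (
    "Name:\tbbs-daemon\nUid:\t1001\t1001\t0\t1001\n"
    "Gid:\t1001\t1001\t1001\t1001\nGroups:\t0 1001\n"
    "CapPrm:\t000001ffffffffff\nCapEff:\t0000000000000000\n"
)
# Constructed sample: never root; the binary was granted the bind capability
# with setcap, so only CAP_NET_BIND_SERVICE is expected to be present.
SAMPLE_SETCAP = (
    "Name:\tbbs-daemon\nUid:\t1001\t1001\t1001\t1001\n"
    "Gid:\t1001\t1001\t1001\t1001\nGroups:\t1001\n"
    "CapPrm:\t0000000000000400\nCapEff:\t0000000000000400\n"
)

def audit_status(text, allowed_caps=0):
    """Return a list of findings; an empty list means no root privilege is left."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    findings = []
    for key in ("Uid", "Gid"):
        kinds = ("real", "effective", "saved", "filesystem")
        for kind, value in zip(kinds, fields[key].split()):
            if int(value) == 0:
                findings.append(f"{kind} {key.lower()} is 0")
    if "0" in fields.get("Groups", "").split():
        findings.append("supplementary group 0 retained")
    for key in ("CapPrm", "CapEff"):
        extra = int(fields.get(key, "0"), 16) & ~allowed_caps
        if extra:
            findings.append(f"{key} has unexpected bits {extra:#x}")
    return findings

def audit_pid(pid, allowed_caps=0):
    """Audit a live process (Linux only; needs read access to /proc/<pid>)."""
    with open(f"/proc/{pid}/status") as fh:
        return audit_status(fh.read(), allowed_caps)
```

For a running daemon, call audit_pid() with its PID; pass allowed_caps=CAP_NET_BIND_SERVICE when the binary was built to use 'setcap' instead of starting under 'sudo'.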