Russ,

Thanks! Security is the big issue . . . the decoders/* calls are the only ones I have not dealt with to run as a service as opposed to running in user space (i.e. ldm); we've long since replaced scour as it was a hazard early on. But you answered the main thing - which is the philosophy of UNIDATA; we want all of our installations to look as much like a straight LDM installation as possible, and in keeping with that, we'll continue using an LDM account.

Stonie

On Tuesday 12 November 2002 17:18, Russ Rew wrote:
> >To: address@hidden
> >From: "Stonie R. Cooper" <address@hidden>
> >Subject: Re: 20021108: Importance of LDM account
> >Organization: Planetary Data, Incorporated
>
> Stonie,
>
> > I've been a user of LDM, one way or another, since the early 1990's.
> >
> > In the old days, it seemed more obvious why the LDM suite of applications
> > were sequestered to an "ldm" account.
> >
> > It doesn't seem so obvious anymore. What is your feeling, or Unidata's
> > for that matter, on LDM being treated more like a service (like sendmail
> > or apache) where root owns the ldm tree, and the group is set to a common
> > met-apps group - like "data"?
>
> I think running the LDM system as root would invite security problems.
> Each decoder process would be run as root, and getting the right EXEC
> line in the pqact.conf configuration file would be enough to
> compromise a system. Running the crufty old shell script which is
> "scour" as root easily delete more than was intended, if an error were
> made in the scour configuration file. When you design things to be
> run as root, you have to take a lot more care in checking for security
> problems and the consequences of mistakes than when you are protected
> by running as a pseudo-user such as "ldm". I don't see the benefits
> to be gained by running as root that would balance the costs of
> redesigning everything with security in mind.
>
> --Russ
>
> _____________________________________________________________________
>
> Russ Rew                                         UCAR Unidata Program
> address@hidden                          http://www.unidata.ucar.edu

--
Stonie R. Cooper
Planetary Data, Incorporated
ph. (402) 782-6611

"Growth for the sake of growth is the ideology of the cancer cell."
- Edward Abbey
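
The concern raised in the quoted reply (every EXEC line in pqact.conf becomes a root command if the LDM runs as root) can be turned into a start-up check. The sketch below is an added example, not code from the LDM distribution or from either correspondent. It assumes pqact.conf entries are tab-separated (feedtype, pattern, action) with continuation lines starting with whitespace; the function names and the sample entries are constructed for illustration.

```python
import os
import re
import stat

# Constructed sample in the assumed pqact.conf layout; not from a real site.
SAMPLE = (
    "# constructed sample\n"
    "WMO\t^SAUS.. KOMA\tFILE\tdata/surface.txt\n"
    "WMO\t^SDUS5. KOAX\n"
    "\tEXEC\t-wait decoders/radar.sh\n"
    "ANY\t^notify\tEXEC\tutil/notify.sh arg\n"
)

def exec_entries(conf_text):
    """Return [(line_no, command)] for every EXEC action in the text."""
    entries, current = [], None
    for no, line in enumerate(conf_text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0] in " \t" and current:
            current[1] += "\t" + line.strip()   # continuation of previous entry
        else:
            current = [no, line.rstrip()]
            entries.append(current)
    found = []
    for no, entry in entries:
        fields = re.split(r"\t+", entry)
        if len(fields) < 3:
            continue
        action = " ".join(fields[2:]).split()
        if action and action[0] == "EXEC":
            # First token that is not an option is the program to run.
            cmd = [a for a in action[1:] if not a.startswith("-")]
            found.append((no, cmd[0] if cmd else ""))
    return found

def preflight(conf_path, euid=None):
    """Return findings that should block start-up; an empty list means OK."""
    euid = os.geteuid() if euid is None else euid
    findings = []
    if os.stat(conf_path).st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append("config is group- or world-writable")
    if euid == 0:
        with open(conf_path) as fh:
            for no, cmd in exec_entries(fh.read()):
                findings.append(f"line {no}: '{cmd}' would run as root")
    return findings
```

Run as the "ldm" pseudo-user with a config only that account can write, preflight() returns an empty list; as root it reports one finding per EXEC entry.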