Uploaded image for project: 'Z-Push'
  1. Z-Push
  2. ZP-1153

Debian packaging: run tools als webserver user

    Details

    • Type: Improvement
    • Status: QA
    • Priority: Low
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.4.0 beta1, 2.4.0
    • Component/s: None
    • Labels:
      None

      Description

      Currently the debian package creates symbolic links from /usr/sbin/z-push-admin and z-push-top to their corresponding php files.
      This means these PHP scripts will most likely be run as root.

      In the past we at 1AFA have seen situations where doing this created problems, because the tools touched files that were afterwards no longer writable by the webserver user. (You could also argue that this is a security risk.)
      Therefore in our private build of z-push we have created wrapper scripts that first su'ed to the webserver user and then ran the tools.

      Is that something you are interested in to have upstream?

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                Sebastian Sebastian Kummer
                Reporter:
                rolek Roel van Meer
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: