[OT] Is it safe to 'su' to the right user?


#1

Hi!

I’m using daemontools[1] to manage a few processes on my Debian box.
Among other things, I use it to manage svnserve, because it uses less
memory than Apache.

My /service/svnserve/run looks like this:

#!/bin/sh
su svn -c "/usr/local/bin/svnserve --foreground --daemon --root /var/svn"

Is it safe for me to run like that? If an attacker cracks svnserve,
what will they gain access to? Since I su to svn, will the attacker
gain svn’s authorizations, or will they be able to gain root access?

Thanks!

François Beausoleil
http://blog.teksol.info/

[1] http://cr.yp.to/daemontools.html


#2

On Apr 12, 2006, at 6:02 PM, Francois B. wrote:

> /var/svn"
>
> Is it safe for me to run like that?

Only as safe as svnserve is.

> If an attacker cracks svnserve, what will they gain access to?

Whatever svnserve has access to.

> Since I su to svn, will the attacker gain svn’s authorizations, or
> will they be able to gain root access?

They will gain svn’s authorizations. They will be able to gain root
access if there is an exploitable local privilege escalation
vulnerability.


Eric H. - removed_email_address@domain.invalid - http://blog.segment7.net
This implementation is HODEL-HASH-9600 compliant

http://trackmap.robotcoop.com
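
The answer above depends on svnserve really running with only svn's IDs. One way to confirm that on Linux is to read the Uid, Gid and Groups lines of /proc/<pid>/status for the svnserve process. This is an added example, not part of the original thread; the function name, the sample text and the 1001 IDs are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): check that a service has fully
# dropped root. Reads text in Linux /proc/<pid>/status format on stdin.
# Exit status: 0 = no root IDs left, 1 = some ID is still 0,
#              2 = Uid/Gid lines not found in the input.
check_dropped() {
    awk '
        BEGIN { bad = 0; seen = 0
                split("real effective saved filesystem", name, " ") }
        $1 == "Uid:" || $1 == "Gid:" {
            seen++
            # Fields 2..5 hold the real, effective, saved and fs IDs.
            for (i = 2; i <= 5; i++)
                if ($i == 0) {
                    printf "%s %s id is 0\n", $1, name[i - 1]
                    bad = 1
                }
        }
        $1 == "Groups:" {
            # Supplementary groups also grant access and must be checked.
            for (i = 2; i <= NF; i++)
                if ($i == 0) { print "Groups: group 0 present"; bad = 1 }
        }
        END { if (seen != 2) { print "Uid/Gid lines missing"; exit 2 }
              exit bad }
    '
}

# Constructed sample: a process whose IDs are all the unprivileged
# account (1001 is an assumed uid/gid for the svn user).
SAMPLE_DROPPED='Name: svnserve
Uid: 1001 1001 1001 1001
Gid: 1001 1001 1001 1001
Groups: 1001'

# Constructed sample: effective uid changed, but the saved uid is still
# 0, so the process could switch back to root.
SAMPLE_SAVED_ROOT='Name: svnserve
Uid: 1001 1001 0 1001
Gid: 1001 1001 1001 1001
Groups: 1001'

# Live use on a Linux box, with PID set to the svnserve process:
#   check_dropped < /proc/PID/status
```
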