
DaemonFileSecurity

This page is actively misleading and does not represent the current state of HCoop. It appears to refer to some hybrid of our pre-AndrewFileSystem setup and early Peer1 setup.

Part of the reason hcoop is so swell is that we (try to) make it easy for members to take advantage of shared daemons. Of course, it's important that no one can take advantage of this to interfere with the services a daemon provides for others. This page focuses on how we do this for the particular case of data and configuration files associated with particular daemons but conceptually belonging to particular users.

There are two main things to watch out for:

1. Static web sites

This one's easy. Users manage their own files and just need to make them readable by www-data, the Apache user.

2. domtool configuration files

Individual domain directories are basically extensions of users' home directories, permissions-wise, so again there are no problems.

3. Mailboxes

Users are given ownership of both their primary mailboxes (~/Maildir) and virtual mailboxes (in directory of choice under home directory). We're assuming that Exim and Courier IMAP are robust enough that errors in these mailboxes won't prevent delivery of mail to other mailboxes or prevent others from checking their mail.

4. Mailing lists

We modify the default Mailman set-up in the following ways:

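{{{
chmod -R g+s F      # set the setgid bit on everything under F
chmod -R g-rwx F    # remove read/write/execute for the group
chmod -R u-s F      # clear any setuid bit
chown -R list.me F  # owner list, group me
}}}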

5. SpamAssassin training

Everyone has write access to the shared folders where misclassified spam and ham should be deposited. This is definitely a security problem if someone wants to train SpamAssassin to mark legitimate and important messages as spam to harass other users. Also, by copying files directly instead of going through IMAP, users may be able to screw up the folders in some way that impacts others.

6. MySQL databases (incorrect)

The databases of user me live in /home/mysql/me_*. Each of these directories is owned by mysql.me and is symlinked from the usual MySQL database location. There are no write permissions for the group, so me can't modify the database directly in an effort to confuse or crash MySQL; and, of course, all database files are counted towards me's group quota.

7. PostgreSQL databases (incorrect)

The databases of user me live in /home/postgres/me/. We use the new PostgreSQL's "tablespace" mechanism to make this more elegant than the MySQL set-up. Tablespaces are named containers for databases that are associated with particular roots in the filesystem. We give each user his own tablespace, with the usual ownership by his group, setgid, and no group permissions. me can't modify the database directly in an effort to confuse or crash Postgres; and, of course, all database files are counted towards me's group quota.
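The layout used for the Mailman directories and described for the database directories (daemon user as owner, the member's group, setgid, no group permissions, no setuid) can be checked after the fact. The following audit is an added example, not HCoop's own tooling; the names `audit_daemon_tree` and `_check` and the violation labels are hypothetical.

```shell
#!/bin/sh
# Added example (hypothetical helper names): audit a tree for the layout the
# page describes: owned by the daemon user, group = the member's group,
# setgid set, no group r/w/x, no setuid.

# _check DIR LABEL PREDICATES...: one find pass; prints "LABEL<TAB>path".
# Symlinks are skipped because chmod does not change a symlink's own mode.
_check() {
    _dir=$1; _label=$2; shift 2
    find "$_dir" ! -type l \( "$@" \) -exec printf '%s\t%s\n' "$_label" {} \;
}

# audit_daemon_tree DIR OWNER GROUP
# Prints every violation and returns 1, or prints nothing and returns 0.
audit_daemon_tree() {
    _violations=$(
        _check "$1" wrong-owner  ! -user  "$2"
        _check "$1" wrong-group  ! -group "$3"
        _check "$1" group-access -perm -0040 -o -perm -0020 -o -perm -0010
        _check "$1" setuid       -perm -4000
        _check "$1" no-setgid    ! -perm -2000
    )
    [ -z "$_violations" ] && return 0
    printf '%s\n' "$_violations"
    return 1
}
```

With the page's names this would be run as `audit_daemon_tree F list me`; numeric user and group IDs are accepted as well.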


CategorySystemAdministration CategoryOutdated

DaemonFileSecurity (last edited 2013-05-30 18:05:01 by ClintonEbadi)