Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Security question
« previous
next »
Print
Pages: [
1
]
Author
Topic: Security question (Read 2231 times)
csmall
Full Member
Posts: 121
Karma: 5
Security question
«
on:
April 24, 2020, 03:35:49 am »
I read that pfsense runs the web interface and php as root.
With opnsense being a fork of pfsense, does it also do this?
Pfsense gave me an explanation the other day of basically it is a big effort and massive undertaking to change this.
I believe this is true, but my question is how much does it matter? My understanding is that best practice is to never do this. But yet, it is still accepted I guess with the idea that because the webui isn't accessible to the internet by default that it isn't a real risk.
What does opnsense do and if it runs these services as root, what is the reasoning?
«
Last Edit: April 24, 2020, 03:44:23 am by csmall
»
Logged
fabian
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: Security question
«
Reply #1 on:
April 24, 2020, 06:40:48 am »
The reason is quickly explained:
It runs commands and writes files that need root permissions. OPNsense has configd, so new code could also run with user permissions but the code left from pfSense does not. The service acts like a sudo command.
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: Security question
«
Reply #2 on:
April 24, 2020, 09:55:10 am »
Opinion of trust in PHP is still pretty bad although version 7 has come a long way in this regard.
The initial design of m0n0wall was to run scripts from PHP, which needed root rights to configure the system. This was inherited by the later forks and more and more functionality was added...
pfSense also has a background daemon but not to reach the goal of privilege separation. It exists to run background tasks away from PHP to unblock the GUI.
Our configd works in the same way, but was also aimed at privilege separation with background tasks being added for all kinds of services that existed previously, but not yet all of them.
In theory all the new MVC functionality supports privilege separation in this way, but is pointless to employ unless we remove the very last command execution from the inherited PHP code.
Given the adoption rate of m0n0wall, pfSense and OPNsense I think the PHP in root is not the biggest issue in the world and its exploit count has been manageable so far. But that is just my opinion.
Cheers,
Franco
Logged
csmall
Full Member
Posts: 121
Karma: 5
Re: Security question
«
Reply #3 on:
April 24, 2020, 12:58:56 pm »
Thank you both for the clarification.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Security question