Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
17.1 Legacy Series
»
Are root privileges needed for running processes like ntp openvpn lighttpd
« previous
next »
Print
Pages: [
1
]
Author
Topic: Are root privileges needed for running processes like ntp openvpn lighttpd (Read 4165 times)
cobradevil
Newbie
Posts: 7
Karma: 1
Are root privileges needed for running processes like ntp openvpn lighttpd
«
on:
February 14, 2017, 01:09:54 pm »
Hello all,
I have a question why there are multiple service running as root suchs as:
ntp openvpn lighttpd
my background is more in the linux corner which runs most processes as a non privileged user but maybe there is a good reason I do not know about.
Logged
fabian
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: Are root privileges needed for running processes like ntp openvpn lighttpd
«
Reply #1 on:
February 14, 2017, 01:33:33 pm »
all of them need to be started as root as they need to bind a well known port (< 1024).
after that, they may be able to drop privileges. OpenVPN still need to be able to change the network configuration and ntp setting the time.
Linux has capabilities, which I am not aware that it would exist on FreeBSD as well. I cannot answer why lighttpd is running as root, because the changes are done by PHP.
Logged
bartjsmit
Hero Member
Posts: 2017
Karma: 194
Re: Are root privileges needed for running processes like ntp openvpn lighttpd
«
Reply #2 on:
February 14, 2017, 02:31:14 pm »
Privilege separation is on the OPNsense roadmap:
https://opnsense.org/about/road-map/
Bart...
Logged
cobradevil
Newbie
Posts: 7
Karma: 1
Re: Are root privileges needed for running processes like ntp openvpn lighttpd
«
Reply #3 on:
February 14, 2017, 02:56:31 pm »
OK, thanks for clarifying.
I will monitor the roadmap more closely.
Best regards,
William
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
17.1 Legacy Series
»
Are root privileges needed for running processes like ntp openvpn lighttpd