Results 1 to 4 of 4
  1. #1
    Join Date
    Feb 2008
    Posts
    829

    would this be unsecure?

    I'm thinking if I code a control panel or other web based app that can change settings on the server, I'd code a server in C++ so I can have it run as a privileged user to have access to change settings. It would listen on a port locally and only accept connections from localhost.

    The php front end would then connect to this app to do its thing, but the information would be sent unencrypted (but stay localhost). Would this be a security risk if others have access to the server via ssh? Like is there ways they could somehow read the memory and get passwords? (the communication between the php front end and the server would be password protected)

    Reason I'd do it this way is so I don't have to run apache as root, which would be required if I made php scripts capable of editing system settings. In shared environment this would be bad.

    guess an alt way of going about it is having the php front end add "tasks" to a sql database then have the C++ app occasionally read it and perform these tasks (such as add subdomains, emails etc)

  2. #2
    Join Date
    Apr 2003
    Location
    Los Angeles, CA
    Posts
    820
    To sniff the traffic either via direct memory access or tcpdump, you'd have to be a privileged user on the machine already, and at this point you could do the changes directly. So, IMO that approach is safe enough. If it's a *nix box, you could also use a named piped and restrict access to it by uid/gid for increased security. Assuming your control panel runs as a separate user (via FastCGI or whatnot) that would be one additional layer of protection.

    My biggest worry would be gaining access to the source of the control panel and extracting the authorization info from it. Again, if you don't run all domains as one user but via a suexec-like setup that should be fairly safe. Obviously make sure that your control panel files are not group/world readable.

    I'm sure someone will correct me if I'm wrong...
    Pings <1 ms, Unlimited Transfer, Lowest Price: http://localhost/

  3. #3
    Join Date
    Jun 2004
    Location
    San Diego, CA
    Posts
    137
    I don't think you'd want tasks being sent in real time to an application to make the change. Suppose one of those tasks is to restart the webserver -- you tell it to restart, and it drops your connection (and the connection to the application performing the restart which leaves it hanging).

    The best solution (IMO) is to add entries to a task list (either file-based or in SQL), and either have your application run as a daemon checking the task list every second (or faster if you're crazy , and make the changes as they come in, or as a cron entry. You could even write the control panel in ajax which will check the task list every second (or faster again) and update the browser when the task is crossed off the list.
    Matt Bloom
    AngryHosting - Load balanced/redundant shared hosting solutions

  4. #4
    Join Date
    Feb 2008
    Posts
    829
    Yeah if I was to go with the task list route (and think I will actually do that, simpler, no need to write a protocol or anything) then I'd have it run like every 10 minutes or something.

    Some of these tasks would even involve restarting bind, so I'd even be as bold as only doing it every hour. So if a customer does a change to their DNS it goes in the queue and would happen at next cycle which happens every hour. The actual settings would then go in the settings database. My application would then generate the proper config files and restart the required services. I'll have to test this like crazy as I don't want a simple syntax error or injection attempt to halt the service.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •