comment on

One common way to handle ownership and security for a daemon is to create a 'system user' with a low uid and no shell access. Give it a home directory somewhere in /var. To be extra cautious mount its own disk partition there.

You haven't said what you're doing that needs root access, but be awfully sparing of that. If there is some part of the task that truly needs superuser access, look at sudo or similar. The suidperl extension is still not recommended. Though is has been improved in perl-5.8.4, the developers are not yet advising its use in critical applications.

Your best bet is to work user and group filesystem permissions to provide security.

I'm always a little puzzled by constraints which assume a home-rolled server will be more secure than a known and tested one like Apache httpd.

After Compline,
Zaxo

In reply to Re: Secure Standalone Web Applications with super user access by Zaxo
in thread Secure Standalone Web Applications with super user access by allyc

Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!

Titles consisting of a single word are discouraged, and in most cases are disallowed outright.

Read Where should I post X? if you're not absolutely sure you're posting in the right place.

Please read these before you post! —

Posts may use any of the Perl Monks Approved HTML tags:

a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr

You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)

	For:		Use:
	&		`&`
	<		`<`
	>		`>`
	[		`[`
	]		`]`

Link using PerlMonks shortcuts! What shortcuts can I use for linking?

See Writeup Formatting Tips and other pages linked from there for more info.