Secure Standalone Web Applications with super user access

allyc has asked for the wisdom of the Perl Monks concerning the following question:

Monks,

I am hoping that some of you may be able to give me pointers on a new project that I am looking at.

I am looking to create a self contained web application that will eventually run on many Unix servers. I will not be able to install any web server software such as Apache on these servers, however they all have Perl 5.6.1 or higher on but as a twist there are several different flavours of Unix / Linux (HP-UX, Solaris, Red Hat).

The application its self will need to carry out some functions, however these will probably have to be executed as root which causes me security problems.

I have very little experience in the creation of a Perl Webserver, however I have seen some examples using HTTP:Deamon which seem to work.

How would you go about this problem. Have each server running a mini perl web server as root that can perform these tasks, or set up some sort of IPC link between a web server and the other servers to allow the access.

How is the best way to deal with security on all of the servers running the applications or is this all a pipe dream that will be near impossible for me to pull off?

I am currently only looking at design ideas at present. I have looked at some of the code for Webmin which manages to carry out many of the tasks that I require, but I don’t know if it is secure or if I could create something similar for my application.

I would love to hear anyone’s comments or suggestions on these ideas, and would be grateful if any one has any information that might help me.

Many thanks in advance,

Alistair

Comment on Secure Standalone Web Applications with super user access

Replies are listed 'Best First'.
Re: Secure Standalone Web Applications with super user access by Zaxo (Archbishop) on May 03, 2004 at 00:40 UTC
One common way to handle ownership and security for a daemon is to create a 'system user' with a low uid and no shell access. Give it a home directory somewhere in /var. To be extra cautious mount its own disk partition there. You haven't said what you're doing that needs root access, but be awfully sparing of that. If there is some part of the task that truly needs superuser access, look at sudo or similar. The suidperl extension is still not recommended. Though is has been improved in perl-5.8.4, the developers are not yet advising its use in critical applications. Your best bet is to work user and group filesystem permissions to provide security. I'm always a little puzzled by constraints which assume a home-rolled server will be more secure than a known and tested one like Apache httpd. After Compline, Zaxo	[reply]
Re: Secure Standalone Web Applications with super user access by sgifford (Prior) on May 03, 2004 at 02:45 UTC
Having the entire Web server run as root sounds dangerous. Instead, consider creating small SetUID helper programs, executable only by the Web server, to do the tasks requiring special priveleges. If you're rolling your own daemon with HTTP::Daemon, make sure you do everything in taint mode, and throughout development think about things that malicious users could do to take control of the machine.	[reply]
Re: Secure Standalone Web Applications with super user access by strat (Canon) on May 03, 2004 at 07:53 UTC
A good alternative to HTTP::Daemon is POE which let's you create a webserver very easily. Some examples are postet in the POE-Cookbook (at the bottom of the page) Best regards, perl -e "s>>F>e=>y)\martinF)stronat)=>print,print v8.8.8.32.11.32"	[reply]
Re: Secure Standalone Web Applications with super user access by JoeJaz (Monk) on May 03, 2004 at 07:34 UTC
HI, I would look at the source for gnump3d for another example of a mini perl web server. You might also ask Steve Kemp, the author of gnump3d, for some advice. My friend has contacted him about various things regarding the gnump3d code and he has been very helpful. As for webmin being secure, it's secure enough that the sysadmin at my school (and many other admins, so I hear) use it to manage their servers. If you have any inclination to build a webserver from scratch, you can look into the IO::Socket module for sending and recieving test as a webserver would. (This would take a lot of work, but you could design it exactly to your needs). Well, I hope this helps; I know it isn't much to go on. Take care, Joe	[reply]