On Wed, Jun 27, 2001 at 11:12:34PM -0400, Bill Pierson wrote:
> Thanks for your replies. Actually, I'd like to be able to modify system
> config files, stop and restart daemons, etc.
>
> I'm not aware of the different ways to accomplish this; any tips would be
> appreciated.
>
> The server is in a "protected" environment.....

If by "protected" you mean everyone who can ever possibly access this
machine has password-less root access, then go for it.

If not, then you probably shouldn't be providing such things through a web
interface. If you insist on it, my best suggestions are:
* write small, easily audited setuid programs to do very specific tasks
* write small, easily audited CGI scripts, that verify every single
  parameter in the strictest possible way, to execute the aforementioned
  setuid program
* give the web server a user id used by nothing else
* make the setuid programs executable only by the web server user
* password protect the site using the basic or md5 auth scheme (no
  cookies, no nifty HTML authentication and session doohickies)
* put the site behind strong SSL encryption, with no way to access it
  otherwise
* use a dedicated web server process for this
* firewall packets to and from that port to only the IP addresses of
  authorized individuals
* set up your web server configuration to allow only connections to the
  aforementioned authorized IP addresses
* reduce the number of modules, plugins, or whatever your web server
  uses to the absolute bare minimum to handle these administrative
  functions

Even after doing the above, you are opening a hole in your security. If any
of the above measures isn't taken, or some small part is overlooked, you are
opening yourself up to a security breach. Even if you do all of the above
correctly, either you or I, or both of us, missed something, and you are
opening yourself up to a security breach.

Be paranoid, security is never 100%. If at all, avoid doing this altogether.

Michael
--
Administrator www.shoebox.net
Programmer, System Administrator www.gallanttech.com
--
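
The first two suggestions in the list above (a small setuid program for one specific task, called with strictly verified parameters), sketched in C as an added example that is not part of the original message. The service names, the action list and the /etc/init.d path are assumptions made for illustration.

```c
/* Added example: setuid helper that runs one allowlisted init script.
 * Service names and the /etc/init.d directory are assumed, not from the post. */
#include <stdio.h>
#include <string.h>
#include <unistd.h>

static const char *const SERVICES[] = { "httpd", "named", NULL };
static const char *const ACTIONS[]  = { "start", "stop", "restart", NULL };

/* Return 1 only on an exact match with an allowlist entry. */
static int in_list(const char *s, const char *const *list)
{
    if (s == NULL)
        return 0;
    for (; *list != NULL; list++)
        if (strcmp(s, *list) == 0)
            return 1;
    return 0;
}

/* Fill path for an allowlisted service/action pair; -1 means refused. */
int build_command(const char *service, const char *action,
                  char *path, size_t pathlen)
{
    int n;
    if (!in_list(service, SERVICES) || !in_list(action, ACTIONS))
        return -1;
    n = snprintf(path, pathlen, "/etc/init.d/%s", service);
    return (n < 0 || (size_t)n >= pathlen) ? -1 : 0;
}

int main(int argc, char **argv)
{
    char path[64];
    /* Fixed environment: nothing is inherited from the web server. */
    char *const envp[] = { "PATH=/sbin:/bin:/usr/sbin:/usr/bin", NULL };
    char *args[3];
    if (argc != 3 || build_command(argv[1], argv[2], path, sizeof path) != 0) {
        fputs("refused\n", stderr);
        return 1;
    }
    /* Make the real uid match the effective uid so the script keeps it. */
    if (setuid(geteuid()) != 0)
        return 1;
    args[0] = path; args[1] = argv[2]; args[2] = NULL;
    execve(path, args, envp);   /* direct exec, no shell parsing of input */
    perror("execve");
    return 1;
}
```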