2

Is there a way to allow chown command to be run by www-data but limiting it in a way that the files owner can be changed only to uids greator than that of www-data user?

I already researched a lot and only way to allow chown to be run by any other user than root requires to give sudo privileges to that user but that is not an option for me until I can make sure that the owner is not set to any user with smaller uid than www-data.

To give the context, I am creating an app where I am trying to simulate hosting by creating a new linux user for each signed up user. The user can then upload files but I need to change the owner of these files to the corresponding linux user.

Kshitiz
  • 123
  • 1
    What about this http://askubuntu.com/questions/159007/how-do-i-run-specific-sudo-commands-without-a-password ? – TuKsn Aug 06 '14 at 16:38
  • Yeah as I mentioned, I already know how to allow www-data to use chown command.. my question was how to prevent www-data user with sudo privileges from setting the owner of a file to a user with lesser uid (for eg. what happens if my server is compromised and www-data tries to set the owner of a file as root).. thats where the can of worm opens!! – Kshitiz Aug 07 '14 at 04:42

1 Answers1

1

Are you sure that www-data needs to do chown? Please explain why. There is no way to get /bin/chown to restrict UIDs. You will have to write a wrapper around /bin/chown that does the input validation, then calls the real /bin/chown, then allow www-data access only to the wrapper.

waltinator
  • 36,399
  • I did something similar to that and created a wrapper that handles the chown request using an upstart daemon... so prevented that crazy hack of allowing chown to be run by www-data.. It was a design flaw. – Kshitiz Jan 23 '15 at 02:12