Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Consider starting node with root privileges #2324

Open
mrcnski opened this issue Nov 14, 2023 · 1 comment
Open

Consider starting node with root privileges #2324

mrcnski opened this issue Nov 14, 2023 · 1 comment
Labels
T0-node This PR/Issue is related to the topic “node”.

Comments

@mrcnski
Copy link
Contributor

mrcnski commented Nov 14, 2023

I mean, doing that like most privileged UNIX daemons do. Starting up as root (or with suid bit), doing things requiring root (open privileged ports, subscribe to audit events, etc.), and then doing setuid() to drop privileges to the regular user level.

Originally posted by @s0me0ne-unkn0wn in #1685 (comment)

@burdges
Copy link

burdges commented Nov 14, 2023

Afaik you could've a different setuid binary, which drops privileges before substrate runs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
T0-node This PR/Issue is related to the topic “node”.
Projects
Status: No status
Development

No branches or pull requests

2 participants