[SOLVED] Security Question (all processes run as root user)

Hey Guys :slight_smile:

I have a security question: On my LEDE firmware all processes (only dnsmasq does not) are running under user root.
I heard running daemons under root is not nice...

Can I change this or is this not useful?

LEDE: 17.01.0 (all opkg are up2date)
HW: TP-Link Archer C7 V2

I hope someone can clarify it :slight_smile:

This would be very hard to change.

LEDE is a full Linux system, so you can set it up as normal with different users
(and some daemons, not just dnsmasq, do this by default).

But you have to ask yourself exactly what threat you are defending yourself
against.

The theory is that if someone breaks one daemon, they have a harder time
affecting others if they are run as different users, but the things that run on
a LEDE device tend to be fairly locked down (minimizing their vulnerabilities)
and rather central to the operation of the system.

If someone takes over DNS/DHCP (i.e. dnsmasq), they can do a lot of nasty things
to you. Does it really matter that they can't affect the routing tables?

It all depends on what you are running on the router, sometimes it's worth
running some things as a different user so that if they get hacked it's harder
to affect other things, sometimes it's not worth the effort.

For the LEDE project, the user support complexities of explaining all the
possible permission issues to people tip the balance to making the default
system not use a lot of userids.

David Lang

Hi David Lang :slight_smile:

Thanks for this nice detailed answer :slight_smile:
I understood: It's a question about usability vs security (like ever), right? :wink:

But only one more question to this: If I take my devices and keep them up2date (firmware and also opkg packages), I make it harder (for hackers) to get root access through a daemon, right (zero day bugs not included)?
Or has it nothing to do with such attacks?

I mean: If I would make any available update: I don't have to think about it and can run processes with root anyway?

Thanks again :slight_smile:

> Hi David Lang :slight_smile:
>
> Thanks for this nice detailed answer :slight_smile:
> I understood: It's a question about usability vs security (like ever), right? :wink:

Yep.

> But only one more question to this: If I take my devices and keep them up2date (firmware and also opkg packages), I make it harder (for hackers) to get root access through a daemon, right (zero day bugs not included)?
> Or has it nothing to do with such attacks?

Yes, keeping the system up to date and not exposing things to the Internet that
don't need to be there (and not installing things you don't need in the first
place) will do far more to keep you secure than running things as different
users.

> I mean: If I would make any available update: I don't have to think about it and can run processes with root anyway?

There's still value in splitting services off of the root account, but as
https://xkcd.com/1200/ shows, there can be problems there too.

The mantra of not running things as root comes from the server/datacenter
environment.

It's always useful to track down why something is being recommended :slight_smile:

David Lang
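
To see what the original question describes on a given device, the script below reads `/proc` and separates userspace daemons running with effective UID 0 from kernel threads (which always show as root) and from daemons that have dropped privileges. It is an added example, not code from the thread or from the LEDE project; the function names and the constructed sample tree (PIDs, names, UID 453) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): classify processes by effective UID.

# audit_root_procs [proc_root] -> lines of "<pid> <euid> <kind> <name>"
#   root    = userspace process with effective UID 0
#   kthread = empty cmdline: a kernel thread (or zombie), not a daemon
#   unpriv  = userspace process with a non-zero effective UID
audit_root_procs() {
    proc_root="${1:-/proc}"
    for dir in "$proc_root"/[0-9]*; do
        [ -r "$dir/status" ] || continue      # process may have exited
        pid="${dir##*/}"
        name=$(sed -n 's/^Name:[[:space:]]*//p' "$dir/status" 2>/dev/null) || continue
        # Uid: fields are real, effective, saved, filesystem
        euid=$(awk '/^Uid:/ {print $3}' "$dir/status" 2>/dev/null) || continue
        [ -n "$euid" ] || continue
        cmd=$(tr '\000' ' ' 2>/dev/null < "$dir/cmdline") || cmd=""
        if [ -z "$cmd" ]; then kind=kthread
        elif [ "$euid" -eq 0 ]; then kind=root
        else kind=unpriv
        fi
        printf '%s %s %s %s\n' "$pid" "$euid" "$kind" "$name"
    done
}

# count_kind <kind> [proc_root] -> number of processes of that kind
count_kind() {
    audit_root_procs "$2" | awk -v k="$1" '$3 == k {n++} END {print n+0}'
}

# add_proc / make_sample_proc: build a CONSTRUCTED /proc-like tree for
# offline runs. PIDs, names and UID 453 are sample values, not real data.
add_proc() {  # add_proc <root> <pid> <name> <uid> <cmdline>
    mkdir -p "$1/$2"
    printf 'Name:\t%s\nUid:\t%s\t%s\t%s\t%s\n' "$3" "$4" "$4" "$4" "$4" > "$1/$2/status"
    printf '%s' "$5" > "$1/$2/cmdline"
}
make_sample_proc() {
    add_proc "$1" 1    procd    0   /sbin/procd
    add_proc "$1" 2    kthreadd 0   ""
    add_proc "$1" 1021 dropbear 0   /usr/sbin/dropbear
    add_proc "$1" 1150 uhttpd   0   /usr/sbin/uhttpd
    add_proc "$1" 1302 dnsmasq  453 /usr/sbin/dnsmasq
}

# Stand-alone run: audit the live system (or a tree passed as $1)
audit_root_procs "${1:-/proc}"
```

Filtering the output for the `root` kind gives the list of daemons worth reviewing; the `kthread` lines can be ignored when deciding what to move to a separate user.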