D.4. Security Notes
Depending on how you use it, this daemon can either enhance or hurt your system security. At first glance, having a daemon that runs with root privileges and accepts database connections seems like a bad idea. On the other hand, this might allow you to improve security by running only one daemon as root and running each of the UI programs as a non-root user. This way, if an attacker breaks into one of your UI programs, he or she only gains the privileges of that non-root user. Compare this to most Linux appliances, in which a UI needs to run as root in order to make system changes.
The daemon reads tbl2file.sql and tbl2field.sql when it starts, and then marks all of its configuration columns as read-only. Not allowing updates ...
Get Linux Appliance Design now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
