I for the life of me can't get my webserver to run a python script correctly as root... obviously there is big security concerns but this python scripts runs on scapy which requires promiscuous access on the ethernet interfaces to fire and receive packets so I need root.
I see two options from reading online-
1) I can run the whole webserver as root, which is a big security hole, even the flag to enable this has a funny name but I can't even get this to work... I downloaded a recent version of httpd (whole thing, not just binaries) then did a->
env CFLAGS="-Wall -DBIG_SECURITY_HOLE" ./configure
then a #make then a #make install
which didn't work it still came up with the error (when i set user and group to root) the error
Code:
Syntax error on line 228 of /etc/httpd/conf/httpd.conf:
Error:\tApache has not been designed to serve pages while\n\trunning as root. There are known race conditions that\n\twill allow any local user to read any file on the system.\n\tIf you still desire to serve pages as root then\n\tadd -DBIG_SECURITY_HOLE to the CFLAGS env variable\n\tand then rebuild the server.\n\tIt is strongly suggested that you instead modify the User\n\tdirective in your httpd.conf file to list a non-root\n\tuser.\n
so I figured this was just a user error... so I used this website-> http://code.google.com/p/mod-suid2/
and did this
Code:
env CFLAGS="-DBIG_SECURITY_HOLE" ./configure && make
# make install
got the same error that I did above...
so here is option 2
2) SUEXEC
which sounds awesome, but now after a day of wasting time I can't even find a great example... and I am not sure this will allow root anyway, maybe just another user.... is this the way to go? has someone had this type of problem before?
HELP IS MUCH APPRECAITED
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
I am trying a scapy patch right now that might make it act more normal (and run w/o root)
Linear Mode
