Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Drop privileges in API server #1227

Closed
4 of 7 tasks
matyasselmeci opened this issue May 6, 2024 · 0 comments · Fixed by #1850
Closed
4 of 7 tasks

Drop privileges in API server #1227

matyasselmeci opened this issue May 6, 2024 · 0 comments · Fixed by #1850
Assignees
@h2zh
Labels
cache Issue relating to the cache component critical High priority for next release director Issue relating to the director component enhancement New feature or request origin Issue relating to the origin component registry Issue relating to the registry component
Milestone
v7.14

Comments

@matyasselmeci
Copy link
Contributor

matyasselmeci commented May 6, 2024
edited by h2zh
Loading

Pelican Service:

  • Client
  • Plugin
  • Registry
  • Director
  • Origin
  • Cache
  • Other (please give the detail)

The Pelican web/API server runs as root; this means that a security vulnerability would result in the attacker having root privileges on the server, which is not good. This is especially an issue since we instruct people to open the API server to the world.

Have the process running the API server drop privileges. Allow the admin to specify the Unix user and group in their config; by default both should be named 'pelican'. The native packages (RPMs and Debs) should create this user and group if they does not exist. The Dockerfiles should pre-create the user and group with a fixed UID/GID.

Ignore the user:group setting if Pelican is not started as root. Exit with an error if Pelican is started as root but cannot drop privileges (e.g. due to the user not existing). Give a big warning but continue if the admin specifies root:root as the user:group.
@matyasselmeci matyasselmeci added enhancement New feature or request cache Issue relating to the cache component origin Issue relating to the origin component director Issue relating to the director component registry Issue relating to the registry component labels May 6, 2024
@jhiemstrawisc jhiemstrawisc added this to the v7.9.0 milestone May 6, 2024
@haoming29 haoming29 added the critical High priority for next release label May 15, 2024
@jhiemstrawisc jhiemstrawisc modified the milestones: v7.9.0, v7.10.0 Jun 12, 2024
@bbockelm bbockelm removed the critical High priority for next release label Jul 31, 2024
@matyasselmeci matyasselmeci modified the milestones: v7.10.0, v7.11.0 Aug 21, 2024
@bbockelm bbockelm modified the milestones: v7.11.0, v7.12.0 Oct 8, 2024
@matyasselmeci matyasselmeci mentioned this issue Oct 30, 2024
Merged
@matyasselmeci matyasselmeci mentioned this issue Nov 12, 2024
Merged
@jhiemstrawisc jhiemstrawisc added the critical High priority for next release label Nov 22, 2024
@h2zh h2zh modified the milestones: v7.12.0, v7.13.0 Dec 12, 2024
@h2zh h2zh linked a pull request Jan 18, 2025 that will close this issue
Drop privileges to user pelican if requested #1850
Merged
@jhiemstrawisc jhiemstrawisc modified the milestones: v7.13.0, v7.14 Jan 30, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@h2zh h2zh

Labels
cache Issue relating to the cache component critical High priority for next release director Issue relating to the director component enhancement New feature or request origin Issue relating to the origin component registry Issue relating to the registry component
Projects
None yet
Milestone
v7.14
Development

Successfully merging a pull request may close this issue.

Drop privileges to user pelican if requested bbockelm/pelican
5 participants
@bbockelm @matyasselmeci @haoming29 @h2zh @jhiemstrawisc