[Freedombox-discuss] Why four users with passwords on the freedombox?

[Nick Daly]

Petter Reinholdtsen <pere at hungry.com> writes:

> The plinth process now seem to run as user root according to 'ps -ef'
> (and not www-data any more), but no longer have a valid password.  Can
> it be changed to run as a non-privileged user?

Yeesh.  It should run as a non-privileged user, now tracked as a 2.0
release goal [0]:

: FreedomBox 2.0: Plinth: Run as non-root user.

It probably should run as a service-specific user, to compartmentalize
the permissions as much as possible.

>> What is the point of having both the users root and fbx?  Is it not
>> enough with one normal user, and set up sudo for this user to get root
>> access, or perhaps disable it completely and depend on some plinth GUI
>> to set the password on a regular unix user?
>
> The plinth unix user is now created by the plinth package, and no
> longer have a password.  And the admin user in the plinth user
> interface no longer exist.  But there are still two unix users with
> known passwords on the freedombox:
>
>   /etc/passwd, /etc/shadow
>
>     root / freedom
>     fbx / frdm

Removing and disabling "root" and "fbx" are currently 2.0 release goals:

: FreedomBox 2.0: Infrastructure: Remove or Disable "root/fbx" Accounts

The "plinth" user should be the only administrative user on the box, and
the user should be able to direct the plinth user through the Plinth UI.

Pere, if you feel that Plinth is ready for the role, please remove the
known users and passwords.  I'm not convinced we're there yet, but
removing them might be the only way we'll get there...

Nick

0: https://gitorious.org/freedombox-todos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20140317/d722d1b6/attachment.sig>