Should we allow plugins to run as root

Should we allow plugins to run as root?

  • Yes: Using wrappers/suid is a pain and having root access would be much simpler.

    Votes: 3 30.0%
  • No: Giving plugins root access, even if it's an option, would be too much of a security risk.

    Votes: 7 70.0%

  • Total voters: 10
  • Poll closed.

DirectAdmin Support

Administrator
Staff member
Hi guys,

As any plugin developer will know, plugins run as the User running it. This is fine for accessing User files, but if the plugin needs to do anything system related, this can become very tricky to do, and sudo or suid wrappers are needed. This is a poll to ask if you want to have the ability to enable a "run as root" option for your plugins. This would have to be designed very carefully for security reasons, and should it be a "go", a huge responsibility goes over to plugin designers to ensure that Users can't end up gaining root access on your system.

John
 
Hello, it should be allowed. There are a bunch of plugins doing this already, Installatron to name one. cPanel has been doing it for years, haven't heard of anyone getting root via a plugin. I think if there are some good recommendations and code sharing as far as security implementations that can be discussed and exchanged, this could be a welcome relief as it is currently a very messy job.
 
I'm not keen to run natively as root.

I'd prefer it to utilise something like sudo if required (and logged).

I wouldn't use cPanel as a benchmark... it's renowned for having root exploits. :-P
 
Hello, it should be allowed. There are a bunch of plugins doing this already, Installatron to name one. cPanel has been doing it for years, haven't heard of anyone getting root via a plugin. I think if there are some good recommendations and code sharing as far as security implementations that can be discussed and exchanged, this could be a welcome relief as it is currently a very messy job.

I'm sorry, but have you seen the issues cPanel has had in the past with exploits? My vote is no since that's the only other option besides yes.
 
No, never. It will be the biggest bug in DA...

More people and developers will be happy if you make a DA for Gentoo.
 