Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

为qbitorrent启动脚本指定其运行用户以减小攻击面提升安全性 #1035

Open
Mosney opened this issue Jan 10, 2024 · 1 comment
Open

为qbitorrent启动脚本指定其运行用户以减小攻击面提升安全性 #1035

Mosney opened this issue Jan 10, 2024 · 1 comment

Comments

@Mosney
Copy link

Mosney commented Jan 10, 2024

本来想直接简单粗暴加个procd_set_param开PR的,但是发觉init还需要处理所用user未创建、配置文件目录权限等情况,另外luci-app-qbittorrent也可以像luci-app-aria2一样添加选框下拉列表来选择所使用的用户,这两项调整超出能力范围,只好来开个issue看看社群有没有人可以添加这些以完备此package。

上述功能主线packages和luci仓库的transmission和aria2基本都有提供,感觉可以照猫画虎快速糊出来
https://github.com/openwrt/packages/blob/master/net/transmission/files/transmission.init
https://github.com/openwrt/packages/blob/master/net/aria2/files/aria2.init

 procd_set_param user "$user" 
 procd_set_param group "$group" 
 procd_set_param nice "$nice"
@Mosney Mosney changed the title 为qbitorrent启动脚本指定其运行用户以减小攻击面以提升安全性 为qbitorrent启动脚本指定其运行用户以减小攻击面提升安全性 Jan 10, 2024
@1715173329
Copy link
Member

配置文件目录权限等情况

这个东西很麻烦实话说,用 chown -R 和 chmod -R 对我而言多少有点难以接受。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@1715173329 @Mosney