[CentOS] best way to start and shutdown programs in CentOS?

Les Mikesell lesmikesell at gmail.com
Mon Nov 22 23:59:53 EST 2010


On 11/22/10 10:34 PM, Kill Script wrote:
> On Mon, Nov 22, 2010 at 8:03 PM, John R Pierce <pierce at hogranch.com
> <mailto:pierce at hogranch.com>> wrote:
>
>             su-$ORA_OWNER -c $ORA_HOME/bin/dbstart
>
>     should be
>
>             su - $ORA_OWNER -c $ORA_HOME/bin/dbstart
>
>
> So, for a Java program, would you suggest creating a different user, giving that
> user just enough privileges, and then running the script so that it exited if
> the wrong user tried to use it?
>
> (Just trying to think what's the best long term solution for something like this)

Yes, especially if it runs a network protocol with the possibility of remote 
exploits.  It is an easy way to limit the damage if anything goes wrong.  But, 
the init scripts start as root so they need to su to the right user before 
starting the app.

-- 
   Les Mikesell
    lesmikesell at gmail.com


More information about the CentOS mailing list