Security: how to protect pm2 process and pm2 applications from being listed/stopped by other users? #260
Comments
pm2 cli should probably talk with a daemon over a unix socket, not tcp. This will solve permissions problems as well.
@rlidwka you are right, so far I had just been using And, of course, since Cheers,
This is a very serious issue for anyone having more than one user on a server. What is the solution? Why would even pm2 allow any other user to access pm2 started as a different user?
Isn't this linked to the npm global install somehow?
#329 does not fix this
I still have an issue related to this. I'm listening on a socket. The daemon is started as root and I'm using --run-as-user to start nodejs apps. But the socket doesn't get created. Of course, it's working if I'm starting the daemon as my own user name but we are in a multiuser environment.
I still have this issue with version 0.10.1 (from npm or https://github.com/Unitech/PM2.git at this moment): any local user can stop all apps handled by pm2 but then couldn't start these apps.
Yes we're aware of this but it has been moved to #642 or how things would be resolved (1.0).
Hello,
I haven't found anything about this security topic mentioned before, so here is an issue to talk about it.
At this time it's possible to start `pm2` with a dedicated user, and it's good. But:
- `pm2` process can be killed by any user simply logged on the production system: `pm2 kill`
- `pm2` can be listed/stopped by any user simply logged on the production system: `pm2 list`, `pm2 stop all`
A possible security model could be based on filesystem rights. This is very Unix. When called, `pm2` could check the calling user rights on the `.pm2` directory:
- `r` on the `.pm2` directory (i.e. can `open r` the directory) → the user is allowed to run `pm2 list`
- `w` on the `.pm2` directory (i.e. can `open w` the directory) → the user is allowed to run `pm2 stop`
That way all the permissions will be dealt on the filesystem level. What do you think?
Cheers,