search

JJ / 2020-WCCI-variable-attack-surface

Paper on optimal nginx configuration for generating variable attack surfaces
GNU General Public License v3.0
3 stars 1 forks source link

Maybe config could be generated in a temp file? #12

Closed JJ closed 4 years ago

JJ commented 4 years ago

Right now, you need privs to write it in /etc. Besides, nginx is anyway started with a specific filename, could be anywhere.

JJ commented 4 years ago

It can, but it still needs privileges for the error log

 ➜  code git:(master) ✗ pytest test/test_fitness.py -s
==================================================== test session starts =====================================================
platform linux -- Python 3.6.4, pytest-4.3.0, py-1.8.0, pluggy-0.9.0
rootdir: /home/jmerelo/txt/investigacion/papers/2020/2020-WCCI-variable-attack-surface/code, inifile:
plugins: celery-4.2.1
collected 2 items                                                                                                            

test/test_fitness.py .nginx: [alert] could not open error log file: open() "/var/log/nginx/error.log" failed (13: Permission denied)
2020/01/25 12:44:10 [warn] 25465#25465: the "user" directive makes sense only if the master process runs with super-user privileges, ignored in /tmp/tmpwk973fc8.conf:2
2020/01/25 12:44:10 [emerg] 25465#25465: host not found in upstream "juice-shop" in /tmp/tmpwk973fc8.conf:41
nginx: configuration file /tmp/tmpwk973fc8.conf test failed