Currently the Ruby process runs as user "deploy" (I can't find where we set that user, so I assume it's due to auto detection).
But while deploying recent changes I noticed that APP_USER was originally set to "nztrain" (and also isolock's group was "nztrain" turns out that was recent and unintentional).
The "nztrain" user exists, has a near-empty home dir, and doesn't own any other files.
Does anyone have an opinion on whether we should keep using the "deploy" user or switch to the "nztrain" user?
Personally I think that there might be a small security benefit in switching to a user with read-only access to the app's code, but I don't think it's worth the effort (need to give the "nztrain" user write access to the uploads directory and probably more; it already has database access).
Currently the Ruby process runs as user "deploy" (I can't find where we set that user, so I assume it's due to auto detection).
But while deploying recent changes I noticed that APP_USER was originally set to "nztrain" (
and also isolock's group was "nztrain"turns out that was recent and unintentional).The "nztrain" user exists, has a near-empty home dir, and doesn't own any other files.
Does anyone have an opinion on whether we should keep using the "deploy" user or switch to the "nztrain" user?
Personally I think that there might be a small security benefit in switching to a user with read-only access to the app's code, but I don't think it's worth the effort (need to give the "nztrain" user write access to the uploads directory and probably more; it already has database access).