I am developing a server application for the ubuntu server, clients will connect through a socket connection. It is in beta testing and is in heavy development. At the moment, many people use it, and it is updated almost every day. Therefore, I seriously consider security issues and at the same time do not limit myself too much. Now I have two questions:
Where is the right place to store my files? An application consists of an executable file, some configuration files, and a script run. But I do not want to distribute it across the file system, just storing it in one folder for convenience, since the application is in heavy development. My guess would be to create a new directory under /var . Right now I am storing it in my home folder.
Do I need to create a separate user for him? I run it with init.d script via sudo -u me . I want to limit its access to the system for security purposes, but at the same time I want to be able to update it via FTP and not run access problems (the user who downloads it is different from the user who launches it, and sometimes it needs to write access to some files). How to do it?
source share