[systemd-bugs] [Bug 87354] systemd-coredump can run elfutils as root
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Wed Jan 28 17:50:58 PST 2015
https://bugs.freedesktop.org/show_bug.cgi?id=87354
--- Comment #6 from Lennart Poettering <lennart at poettering.net> ---
As a first step I have now changed the coredump tool to drop all caps before
processing the coredump.
http://cgit.freedesktop.org/systemd/systemd/commit/?id=f11943c53ec181829a821c6b27acf828bab71caa
We might want to take this a couple of steps further:
* introduce a new user "systemd-coredump" or so, and if we process a coredump
for root, drop privs to that user. There's one complexity about this though:
ideally we'd make sure that the SCM_CREDENTIALS structure passed to journald
for the coredump is the root user then, and not "systemd-coredump".
* move the src/core/namespace.[ch] to /src/shared, and make use of it here, to
protect the root directory and home, like we do for normals services.
All that together should be a sufficiently good sandbox.
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/systemd-bugs/attachments/20150129/4ed7bb07/attachment.html>
More information about the systemd-bugs
mailing list