[systemd-devel] [PATCH 3/4] units: differentiate the bus proxy and bus driver for the user manager
Kay Sievers
kay at vrfy.org
Thu Dec 26 19:45:32 PST 2013
On Thu, Dec 26, 2013 at 11:35 PM, Giovanni Campagna
<scampa.giovanni at gmail.com> wrote:
> they do need the IPC_OWNER capability, to fake credentials
> on kdbus.
Oh, I guess we should just allow the owner/creator of the bus, the
user in this case, to do all that without the kernel capability.
We should not leak privileges into the user session, systemd --user
runs as the user and any other process of the same user can ptrace it.
Kay
More information about the systemd-devel
mailing list