[systemd-devel] [PATCH] units: add SecureBits

Lennart Poettering lennart at poettering.net
Fri Apr 24 09:46:38 PDT 2015


On Fri, 24.04.15 16:42, Topi Miettinen (toiwoton at gmail.com) wrote:

> > I think all long-running ones that reasonably can already do. I mean,
> > things like logind simply need too many caps, it's really not worth
> > trying to make them run under a different uid, because they have so
> > many privs otherwise...
> >
> > Which daemons do you precisely have in mind?
> 
> Nothing in particular. Privilege separation could help even in cases
> where some caps need to be retained.

Sure! Note that networkd and timesyncd both setuid() to an
unprivileged user, but do keep CAP_NET_ADMIN/CAP_SYS_TIME. In those
cases that's relatively easy to do, because they only require those two
caps, and nothing else. But for stuff like logind it's quite different,
it needs a lot of caps...

Lennart

-- 
Lennart Poettering, Red Hat
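
The pattern described in the message above (setuid() to an unprivileged user while keeping one or two capabilities), as an added example that is not part of the original message and is not systemd's own code. The function names are hypothetical, and it assumes Linux and uses the raw capget/capset syscalls rather than libcap.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <grp.h>
#include <linux/capability.h>
#include <stdint.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Bit mask for a list of capability numbers, e.g. CAP_SYS_TIME (each < 64). */
uint64_t cap_mask(const int *caps, size_t n) {
    uint64_t m = 0;
    for (size_t i = 0; i < n; i++)
        m |= UINT64_C(1) << caps[i];
    return m;
}

/* Make `keep` the permitted and effective sets; the inheritable set is cleared. */
static int set_caps(uint64_t keep) {
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct data[2];
    memset(data, 0, sizeof data);
    for (int i = 0; i < 2; i++)
        data[i].effective = data[i].permitted = (uint32_t)(keep >> (32 * i));
    return (int)syscall(SYS_capset, &hdr, data);
}

/* Switch to uid/gid, retaining only the capabilities in `keep`. 0 on success, -1 with errno set. */
int drop_privileges_keep_caps(uid_t uid, gid_t gid, uint64_t keep) {
    /* Groups first: after the UID change we may no longer be allowed to. */
    if (setgroups(0, NULL) < 0 || setgid(gid) < 0) return -1;
    /* Without keep-caps the kernel clears the permitted set when all UIDs leave 0. */
    if (prctl(PR_SET_KEEPCAPS, 1) < 0) return -1;
    if (setuid(uid) < 0) return -1;
    if (prctl(PR_SET_KEEPCAPS, 0) < 0) return -1;
    /* The UID change emptied the effective set; shrink permitted and re-raise only `keep`. */
    return set_caps(keep);
}

/* Read back the current effective set so the caller can verify the result. */
uint64_t effective_caps(void) {
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct data[2];
    if (syscall(SYS_capget, &hdr, data) < 0) return 0;
    return (uint64_t)data[0].effective | ((uint64_t)data[1].effective << 32);
}
```

A daemon started as root would call `drop_privileges_keep_caps()` once at startup with a mask built from, say, `CAP_SYS_TIME`, then compare `effective_caps()` against that mask before doing any other work.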

