[systemd-devel] nspawn --private-users and setuid
Leroy Pubel
lepubel at gmail.com
Fri Dec 11 10:36:55 PST 2015
Is it considered safe to setuid on a root-owned binary that launches
systemd-nspawn with the argument "--private-users=1000:1"?
i.e.
/* user-nspawn.c */
#include <unistd.h>

int main(void) {
    const char *binary = "/usr/bin/systemd-nspawn";
    /* Fixed argument list: nothing from the caller's argv is passed on. */
    execl(binary, binary, "--private-users=1000:1", (char *)NULL);
    return 1; /* reached only if execl() failed */
}

gcc -o user-nspawn user-nspawn.c
su
chown root:root user-nspawn
chmod +s user-nspawn