[systemd-devel] systemctl as non-root
Daniel Mack
daniel at zonque.org
Fri May 29 01:06:59 PDT 2015
On 05/29/2015 05:26 AM, Andrei Borzenkov wrote:
> If you do not use the D-Bus daemon, systemd will be listening on a private
> socket. In this case the only check it does is that the peer runs as UID=0
> (note - not EUID, so suid does not really help).
>
> I wonder how access control is implemented in kdbus case.

kdbus implements its own policy logic to allow given UIDs to talk to,
see, or own well-known-names. See kdbus.policy(7) in the standalone
kdbus repository.

For individual method calls, kdbus can optionally pass a number of
metadata items along, so services can in some cases make authorization
decisions based on them, without talking to polkit. This is similar to
SCM_CREDENTIALS on sockets but offers a lot more information.

Daniel
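
The SCM_CREDENTIALS mechanism mentioned in the message above, as an added example that is not part of the original post and is not systemd or kdbus code: a receiver on an AF_UNIX socket opts in with SO_PASSCRED, reads the kernel-attached sender credentials for each message, and makes a per-message authorization decision from them. The request name `Reload`, the helper names and the allow-list policy are assumptions made for illustration; Linux only.

```python
import socket
import struct

UCRED = struct.Struct("iII")  # Linux struct ucred: pid_t pid, uid_t uid, gid_t gid
SCM_CREDENTIALS = getattr(socket, "SCM_CREDENTIALS", 2)  # value is 2 on Linux


def recv_with_creds(sock, bufsize=4096):
    """Receive one message plus the sender credentials the kernel attached.

    Returns (data, (pid, uid, gid)), or (data, None) if no credentials arrived.
    """
    data, ancdata, _flags, _addr = sock.recvmsg(
        bufsize, socket.CMSG_SPACE(UCRED.size))
    for level, ctype, cdata in ancdata:
        if (level == socket.SOL_SOCKET and ctype == SCM_CREDENTIALS
                and len(cdata) >= UCRED.size):
            return data, UCRED.unpack(cdata[:UCRED.size])
    return data, None


def authorize(creds, allowed_uids):
    """Hypothetical policy: fail closed unless the sender UID is allow-listed."""
    return creds is not None and creds[1] in allowed_uids


def demo():
    """Constructed exchange over a socketpair; both ends are this process."""
    server, client = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
    with server, client:
        # The receiver opts in before any data is sent; the kernel then
        # stamps each message with the sender's pid, uid and gid.
        server.setsockopt(socket.SOL_SOCKET, socket.SO_PASSCRED, 1)
        client.sendall(b"Reload")  # constructed request name
        return recv_with_creds(server)


if __name__ == "__main__":
    request, creds = demo()
    print(request, creds, "allowed for UID 0 only:", authorize(creds, {0}))
```

The credentials arrive as ancillary data filled in by the kernel, so the service does not have to trust anything the client writes into the message body.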