[systemd-devel] Github systemd issue 6237
Reindl Harald
h.reindl at thelounge.net
Tue Jul 4 17:36:02 UTC 2017
Am 04.07.2017 um 19:21 schrieb Zbigniew Jędrzejewski-Szmek:
>> My question is:
>>
>> Is this a bug with a BZ against rhel/centos7 (as my understanding is that
>> this affects EL7 too)?
>>
>> If there is no BZ and based on the wording of the second to last comment
>> by poettering, will this be fixed/changed in a future update?
>>
>> I personally see this as a security issue and thus as a bug.
> If you need root permissions to create a unit, then it's not a
> security issue. An annoyance at most.
> (You do know that you're not supposed to copy&paste random stuff
> from the internet as root, right?)
no - when there is a "User=" statement in the unitfile it's a strong
reason to refuse start that unit if that user don't exist instead
silently fall back to root and casting "0day" to a int 0 is just a
sloppy implementation with no good reason
frankly even PHP makes difference here
if($bla == "0day")
versus
if($bla === "0day")
the latter won't evaluate to 0 in no case
More information about the systemd-devel
mailing list