[systemd-devel] Github systemd issue 6237
Alexander Bisogiannis
alexixor at gmail.com
Tue Jul 4 21:23:01 UTC 2017
On Tue, 04 Jul 2017 17:21:01 +0000, Zbigniew Jędrzejewski-Szmek wrote:
> If you need root permissions to create a unit, then it's not a security
> issue. An annoyance at most.
The fact that you need to be root to create a unit file is irrelevant.
Systemd is running a service as a different user to what is defined in
the unit file.
This is a bug and a local security issue, especially because it will run
said service as root.
It might not warrant a CVE, although in my line of work this is
considered a security issue, but it is a bug and needs fixing.
The fix is to refuse to run the service, period.
Is there any other place I can go to open a bug, or do I need to go to
the upstream "vendor" bugzila?
Regards,
Abis.
More information about the systemd-devel
mailing list