[systemd-devel] Github systemd issue 6237
Reindl Harald
h.reindl at thelounge.net
Mon Jul 10 10:57:03 UTC 2017
Am 10.07.2017 um 12:55 schrieb Lennart Poettering:
> On Thu, 06.07.17 10:34, Reindl Harald (h.reindl at thelounge.net) wrote:
>
>>
>>
>> Am 06.07.2017 um 09:59 schrieb Jonathan de Boyne Pollard:
>>> Reindl Harald:
>>> > at least fall back to “nobody”
>>>
>>> Jonathan de Boyne Pollard:
>>> > That idea is wrong.
>>> >
>>> > https://news.ycombinator.com/item?id=14681377#14682059
>>>
>>> Reindl Harald:
>>> > better than a stupid [...]
>>>
>>> Not really, no. It's the same category of error, in fact: substituting
>>> an account other than the one that the system administrator explicitly
>>> said to drop privileges to.
>>
>> yes, it's both nonsense, but when i only have the option to choose between
>> two types of nonsense i take the one which don't give root permissions
>
> The "nobody" user has special semantics on Linux: it's where things
> are mapped to that can't be mapped otherwise. It's used by user
> namspacing, by NFS and others. It's really not a good idea, to permit
> random services to create and access files under that ID
and run it as root is a better idea?
seriously?
More information about the systemd-devel
mailing list