[systemd-devel] Antw: Re: Antw: Re: systemd's connections to /run/systemd/private ?

Reindl Harald h.reindl at thelounge.net
Wed Aug 14 13:02:41 UTC 2019



On 14.08.19 at 14:59, Ulrich Windl wrote:
>>>> Reindl Harald <h.reindl at thelounge.net> wrote on 14.08.2019 at 12:22 in
> message <13150bf2-e0c9-063a-9026-ac95c1fda7ce at thelounge.net>:
>>
>> On 14.08.19 at 12:10, Ulrich Windl wrote:
>>>>>> Michael Chapman <mike at very.puzzling.org> wrote on 14.08.2019 at 11:47 in
>>>> That's all true, but the thing we need to check here is that systemd 
>>>> correctly handles junk on the /run/systemd/private socket. The change on 
>>>> the systemctl side certainly tries to prevent incorrect data being sent 
>>>> down the socket -- though it looks like there's several ways in which 
>>>> fd_move_above_stdio() can fail, so this isn't foolproof -- but we need to 
>>>> ensure that some _malicious_ client can't DoS systemd.
>>>
>>> I don't want to contradict in principle, but doesn't "private socket" mean 
>>> it's intended to be used by systemd only? Of course being root allows you to 
>>> use any socket...
>>
>> may I ask you to read the thread you are responding to?
>> nobody is touching the private socket
> 
> Then why care about "junk on the /run/systemd/private socket."?

to avoid people like you doing strange stuff and coming here to blame
systemd as you did often enough in the past months

