[systemd-devel] Unprivileged user can kill root-owned processes by changing PID file and stopping service
Reindl Harald
h.reindl at thelounge.net
Fri Feb 19 20:42:52 UTC 2021
Am 19.02.21 um 21:05 schrieb Frank Thommen:
>
>> Lennart Poettering <lennart at poettering.net> hat am 19.02.2021 15:44 geschrieben:
>>
>>
>> On Fr, 19.02.21 15:12, Frank Thommen (systemd-devel at lists.drosera.ch) wrote:
>>
>>> Dear all,
>>>
>>> I am experiencing the issue, that an unprivileged user can kill
>>> root-owned processes by changing a service's PIDFile.
>>
>> The file referenced by PIDFile= should not be under control of an
>> unpriv user.
>>
>> v219 is more than 5 years old. Since then we have tightened controls:
>
> I am aware of this, but unfortunately for the time being we are stuck with this version (CentOS 7.4)
i yet need to see a real world usecase which needs "PIDFile=" at all -
systemd kills everything in the cgroup anyways at stop
i even start mariadb with --pid-file=/dev/null and without "mysqlsafe"
for years to get rid of all that shit
not a single service is using "PIDFile=" for years here and frankly i
even forked systemd units only to get rid of that nosense from the 1990s
More information about the systemd-devel
mailing list