[systemd-devel] Block systemd from adding new services

Saint Michael venefax at gmail.com
Sun Jun 13 16:14:38 UTC 2021


The attacker is a robot trying to copy a *.service to
/etc/systemd/services. This single measure may keep me in business.
Thanks for the information.


On Sun, Jun 13, 2021 at 11:45 AM Silvio Knizek <killermoehre at gmx.net> wrote:

> On Sunday, 13.06.2021 at 10:49 -0400, Saint Michael wrote:
> > This is not a human attacker, but a robot. My question is: if I apply
> > chattr +i to $(pkg-config --variable=systemdsystemconfdir systemd),
> > will the OS continue to work fine, or is this nonsense?
> > Philip
> Systemd will work totally fine (except »systemctl edit« probably). But
> the point stays: if your attacker has root rights, nothing prevents
> them from setting »chattr -i« on the confdir. So IMHO your approach is
> futile.
>
> BR
> Silvio
>
>
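
The quoted reply points out that root can clear the immutable flag again, so detection has to complement it. The following is an added example (not from the thread or from systemd) that compares a unit directory against a known-good manifest and reports added, changed or removed unit files. The function names and manifest format are assumptions of this example, and the baseline is assumed to be kept where root on the monitored host cannot rewrite it.

```shell
#!/usr/bin/env bash
# Added example (not from the thread). Function names and the manifest
# format are assumptions of this example.

# Print "<sha256 or link:target>  <path>" for each file/symlink under $1.
unit_manifest() {
    ( cd "$1" || exit 1
      find . \( -type f -o -type l \) | sort | while IFS= read -r p; do
          if [ -L "$p" ]; then   # enabling or masking a unit creates a symlink
              printf 'link:%s  %s\n' "$(readlink "$p")" "$p"
          else
              printf '%s  %s\n' "$(sha256sum < "$p" | cut -d' ' -f1)" "$p"
          fi
      done )
}

# Compare directory $1 with baseline manifest $2; print ADDED/CHANGED/REMOVED
# lines and return 1 when the directory has drifted from the baseline.
unit_drift() {
    local cur out
    cur=$(mktemp) || return 2
    unit_manifest "$1" > "$cur"
    # FILENAME test (not NR==FNR) so an empty baseline is handled correctly.
    out=$(awk -F'  ' '
        FILENAME == ARGV[1] { base[$2] = $1; next }
        { seen[$2] = 1
          if (!($2 in base)) print "ADDED " $2
          else if (base[$2] != $1) print "CHANGED " $2 }
        END { for (p in base) if (!(p in seen)) print "REMOVED " p }
    ' "$2" "$cur" | sort)
    rm -f "$cur"
    [ -z "$out" ] && return 0
    printf '%s\n' "$out"
    return 1
}

# Demo on a constructed directory standing in for the real unit directory.
demo() {
    local d b
    d=$(mktemp -d) && b=$(mktemp) || return 2
    printf '[Service]\nExecStart=/usr/bin/true\n' > "$d/app.service"
    unit_manifest "$d" > "$b"                  # known-good baseline
    printf '[Service]\nExecStart=/tmp/x\n' > "$d/dropped.service"  # constructed
    unit_drift "$d" "$b" || true               # reports the new unit file
    rm -rf "$d" "$b"
}

if [ "${1:-}" = "--demo" ]; then demo; fi
```

On a real host the first argument would be the directory printed by `pkg-config --variable=systemdsystemconfdir systemd`, the same path used in the question.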

