<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <meta name="Generator" content="Microsoft Word 15 (filtered medium)"> <style></style> </head> <body lang="en-SE" link="#0563C1" vlink="#954F72" style="word-wrap:break-word"> <div class="WordSection1"> Hi, we have been playing around more with the portable services and lots of loose thoughts came up. Hopefully we can initiate discussions. <o:p></o:p> <o:p> </o:p> The PrivateUsers and DynamicUsers are turned off for the trusted profile in portable services but none of the passwd/group and nss files are mapped to the sandbox by default essentially preventing the sandbox to do a user look up. Is this a use case that should be offered by the “trusted” profile or should this be handled by the services that would like to do a look-up? <o:p></o:p> <o:p> </o:p> Is there a way to have PrivateUsers=yes and map more host users to the sandbox? We have dynamic, uid based authorization on dbus methods. Up on receiving a method, the server checks the sender uid against a set of rule files. <o:p></o:p> <o:p> </o:p> Would it benefit others if the “profile” support was moved out of the portable services and be part of the unit files? For example part of the [Install] section.<o:p></o:p> <o:p> </o:p> Has there been any thought about nesting profiles? Example, one profile can include other profiles in it. <o:p></o:p> <o:p> </o:p> Systemd analyze security is great! We believe it would be easier to audit if we had a way to compare a service file’s sandboxing directives against a profile and find the delta. Then score the service file against delta. <o:p></o:p> <o:p> </o:p> Thank you for your comments<o:p></o:p> Umut<o:p></o:p> </div> </body> </html>