Date: Wed, 5 Jul 2017 17:26:47 -0500 From: "Patrick J. Volkerding" <security@...ckware.com> To: oss-security@...ts.openwall.com Subject: Re: systemd fails to parse user that should run service On 07/05/2017 04:14 PM, Robert Scheck wrote: > +1 for both, the CVE and that this is a problem. The service should not be > started with more (!) permissions simply if parsing username fails. One would think that without any User= line specified, defaulting to nobody:nogroup would be more sane than defaulting to root. Since the User= mechanism exists, if you want something to run as root, you should need to ask for it. [ CONTENT OF TYPE application/pgp-signature SKIPPED ]
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ