Date: Thu, 06 Jul 2017 09:03:11 +0200 From: Martin Steigerwald <martin@...htvoll.de> To: oss-security@...ts.openwall.com Subject: Re: systemd fails to parse user that should run service Jeffrey Walton - 05.07.17, 22:12: > > systemd is not the one coming up with the restrictions on user names, > > and while some distributions are less restrictive, many do enforce the > > same restrictions as we do. In order to make systemd unit files > > portable between systems we'll hence enforce something that > > resembles more the universally accepted set, rather than accept the > > most liberal set possible. > > systemd is effectively setting policy where it has no business doing so. I have seen this… and the "not-a-bug" approach with Systemd upstream developers quite often meanwhile. I think this arrogant "we know better than you" attitude is poisonous to security… and to collaboration in the free software world in general. -- Martin
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ