oss-sec mailing list archives

Re: systemd fails to parse user that should run service

From: Robert Scheck <robert () fedoraproject org>
Date: Wed, 5 Jul 2017 23:14:51 +0200

On Wed, 05 Jul 2017, Perry E. Metzger wrote:

On Wed, 5 Jul 2017 13:28:43 +0100 Ben Tasker <ben () bentasker co uk>
wrote:

FWIW, I'd be inclined to agree that it needs a CVE so that
downstream distro's can at least refer to it, and decide how (and
if) they want to address it.


+1

I don't care much if the developers deny that this is a problem. It is
a problem.


+1 for both, the CVE and that this is a problem. The service should not be
started with more (!) permissions simply if parsing username fails. As a
security sensitive guy I do not want to see a random software started with
root permissions, because the random username fails to be parsed by some
systemd code.


Regards,
  Robert

Attachment: _bin
Description:

Current thread:

Re: systemd fails to parse user that should run service, (continued)
- - - Re: systemd fails to parse user that should run service Pali Rohár (Jul 05)
    - Re: systemd fails to parse user that should run service Alan Coopersmith (Jul 05)
    - Re: systemd fails to parse user that should run service Perry E. Metzger (Jul 05)
    - Re: systemd fails to parse user that should run service Simon McVittie (Jul 05)
    - Re: systemd fails to parse user that should run service Kristian Fiskerstrand (Jul 05)
    - Re: systemd fails to parse user that should run service Jeremy Stanley (Jul 05)
    - Re: systemd fails to parse user that should run service Kristian Fiskerstrand (Jul 05)
    - Re: systemd fails to parse user that should run service Simon McVittie (Jul 05)
    - Re: systemd fails to parse user that should run service Ben Tasker (Jul 06)
    - Re: systemd fails to parse user that should run service Perry E. Metzger (Jul 05)
    - Re: systemd fails to parse user that should run service Robert Scheck (Jul 05)
    - Re: systemd fails to parse user that should run service Patrick J. Volkerding (Jul 06)
    - Re: systemd fails to parse user that should run service Simon McVittie (Jul 06)
    - Re: systemd fails to parse user that should run service Leonid Isaev (Jul 06)
    - Re: systemd fails to parse user that should run service Simon McVittie (Jul 06)
    - Re: systemd fails to parse user that should run service Leonid Isaev (Jul 06)
    - Re: systemd fails to parse user that should run service Simon McVittie (Jul 06)
    - Re: systemd fails to parse user that should run service Martin Steigerwald (Jul 06)
  - Re: systemd fails to parse user that should run service Eric Blake (Jul 05)
- Re: systemd fails to parse user that should run service Jeffrey Walton (Jul 05)
  - Re: systemd fails to parse user that should run service Martin Steigerwald (Jul 06)

(Thread continues...)