Re: [systemd-devel] [PATCH] units: add SecureBits

2015-04-24 Thread Lennart Poettering
On Sat, 14.02.15 12:32, Topi Miettinen (toiwo...@gmail.com) wrote: Sorry for the late response, still going through piles of mail. No setuid programs are expected to be executed, so add SecureBits=no-setuid-fixup no-setuid-fixup-locked to unit files. So, hmm, after reading the man page

Re: [systemd-devel] [PATCH] units: add SecureBits

2015-04-24 Thread Topi Miettinen
On 04/24/15 14:52, Lennart Poettering wrote: On Sat, 14.02.15 12:32, Topi Miettinen (toiwo...@gmail.com) wrote: Sorry for the late response, still going through piles of mail. No setuid programs are expected to be executed, so add SecureBits=no-setuid-fixup no-setuid-fixup-locked to unit

Re: [systemd-devel] [PATCH] units: add SecureBits

2015-04-24 Thread Lennart Poettering
On Fri, 24.04.15 16:42, Topi Miettinen (toiwo...@gmail.com) wrote: I think all long-running ones that reasonably can already do. I mean, things like logind simply need too many caps, it's really not worth trying to make them run under a different uid, because they have so much privs

Re: [systemd-devel] [PATCH] units: add SecureBits

2015-02-14 Thread Topi Miettinen
On 02/11/15 16:32, Lennart Poettering wrote: On Wed, 11.02.15 16:24, Topi Miettinen (toiwo...@gmail.com) wrote: On 02/10/15 21:00, Lennart Poettering wrote: On Sat, 07.02.15 10:40, Topi Miettinen (toiwo...@gmail.com) wrote: No setuid programs are expected to be executed, so add

Re: [systemd-devel] [PATCH] units: add SecureBits

2015-02-11 Thread Topi Miettinen
On 02/10/15 21:00, Lennart Poettering wrote: On Sat, 07.02.15 10:40, Topi Miettinen (toiwo...@gmail.com) wrote: No setuid programs are expected to be executed, so add SecureBits=no-setuid-fixup no-setuid-fixup-locked to unit files. So, hmm, after reading the man page again: what's the

Re: [systemd-devel] [PATCH] units: add SecureBits

2015-02-11 Thread Lennart Poettering
On Wed, 11.02.15 16:24, Topi Miettinen (toiwo...@gmail.com) wrote: On 02/10/15 21:00, Lennart Poettering wrote: On Sat, 07.02.15 10:40, Topi Miettinen (toiwo...@gmail.com) wrote: No setuid programs are expected to be executed, so add SecureBits=no-setuid-fixup no-setuid-fixup-locked

Re: [systemd-devel] [PATCH] units: add SecureBits

2015-02-10 Thread Lennart Poettering
On Sat, 07.02.15 10:40, Topi Miettinen (toiwo...@gmail.com) wrote: No setuid programs are expected to be executed, so add SecureBits=no-setuid-fixup no-setuid-fixup-locked to unit files. So, hmm, after reading the man page again: what's the rationale for precisely these bits? I mean

[systemd-devel] [PATCH] units: add SecureBits

2015-02-07 Thread Topi Miettinen
No setuid programs are expected to be executed, so add SecureBits=no-setuid-fixup no-setuid-fixup-locked to unit files. --- units/systemd-hostnamed.service.in| 1 + units/systemd-importd.service.in | 1 + units/systemd-journal-gatewayd.service.in | 1 +