Hi Marco,
On Tue, 21 Oct 2025, Marco d'Itri wrote:
On Oct 21, Adrian Bunk <[email protected]> wrote:
With the second issue resolved by making /var/lock/ available again,
the first issue is still a bug but no longer fatal.
I am currently travelling, but soon the write permissions will be restricted
to just group dialout.
I do not want to have /run world writeable: it's too much of a risk.
shouldn't it be enough to have /run/lock world writeable? As I understood
this, /run/lock has been always world writeable and the first discussion
about a security issue started 15 years ago on some systemd mailing list.
Have you ever heard of a bigger problem with this setting since then?
Thorsten
