On Fri, 24.04.15 16:42, Topi Miettinen ([email protected]) wrote:

> > I think all long-running ones that reasonably can already do. I mean,
> > things like logind simply need too many caps, it's really not worth
> > trying to make them run under a different uid, because they have so
> > much privs otherwise...
> >
> > Which daemons do you precisely have in mind?
>
> Nothing in particular. Privilege separation could help even in cases
> where some caps need to be retained.

Sure! Note that networkd and timesyncd both setuid() to an unprivileged user, but do keep CAP_NET_ADMIN/CAP_SYS_TIME. In those cases that's relatively easy to do, because they only require those two caps, and nothing else. But for stuff like logind it's quite different, it needs a lot of caps...

Lennart

-- 
Lennart Poettering, Red Hat
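
The pattern described in the message above (switch to an unprivileged UID but retain one or two capabilities), as an added example that is not part of the original post and is not systemd's own code. It uses the raw Linux `capset` syscall instead of libcap; the function names and the 65534 UID/GID are assumptions made for illustration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <grp.h>
#include <linux/capability.h>
#include <stdint.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Fill v3 capability data (two 32-bit words per set) with only `keep`. */
void build_cap_data(uint64_t keep, struct __user_cap_data_struct d[2])
{
    memset(d, 0, 2 * sizeof(d[0]));   /* inheritable stays empty */
    for (int i = 0; i < 2; i++)
        d[i].permitted = d[i].effective = (uint32_t)(keep >> (32 * i));
}

/* Switch from root to uid/gid, retaining only `keep`. Returns 0 or -errno. */
int drop_root_keep_caps(uid_t uid, gid_t gid, uint64_t keep)
{
    struct __user_cap_header_struct h = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct d[2];

    if (uid == 0 || gid == 0)
        return -EINVAL;  /* not a privilege drop */
    /* Without KEEPCAPS the permitted set is cleared when the UIDs leave 0. */
    if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) < 0)
        return -errno;
    if (setgroups(0, NULL) < 0 || setresgid(gid, gid, gid) < 0 ||
        setresuid(uid, uid, uid) < 0)
        return -errno;
    /* The UID change cleared the effective set: re-raise only `keep` and
     * shrink permitted to match, so the other caps are gone for good. */
    build_cap_data(keep, d);
    if (syscall(SYS_capset, &h, d) < 0)
        return -errno;
    if (prctl(PR_SET_KEEPCAPS, 0, 0, 0, 0) < 0)
        return -errno;
    return setuid(0) == 0 ? -EPERM : 0;  /* root must not be regainable */
}

int main(void)
{
    /* Constructed values: UID/GID 65534 is "nobody" on many systems. */
    uint64_t keep = (1ULL << CAP_NET_ADMIN) | (1ULL << CAP_SYS_TIME);
    return drop_root_keep_caps(65534, 65534, keep) ? 1 : 0;
}
```

When run as root, the process ends up with the two capabilities in its permitted and effective sets and nothing in the inheritable set, which `grep Cap /proc/self/status` would show.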
