On Wed, 14 Aug 2019, Reindl Harald wrote: > Am 14.08.19 um 12:10 schrieb Ulrich Windl: > >>>> Michael Chapman <m...@very.puzzling.org> schrieb am 14.08.2019 um 11:47 > >>>> in > >> That's all true, but the thing we need to check here is that systemd > >> correctly handles junk on the /run/systemd/private socket. The change on > >> the systemctl side certainly tries to prevent incorrect data being sent > >> down the socket -- though it looks like there's several ways in which > >> fd_move_above_stdio() can fail, so this isn't foolproof -- but we need to > >> ensure that some _malicious_ client can't DoS systemd. > > > > I don't want to contradict in principle, but doesn't "private socket" mean > > it's intended to be used by systemd only? Of course being root allows you > > to use any socket... > > may is ask you to read the thread you are responding to? > nobody is touching the private socket
systemctl will mostly use /run/systemd/private when run as root. _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
