The attacker is a robot trying to copy a *.service to /etc/systemd/services. This single measure may keep me in business. Thanks for the information.
On Sun, Jun 13, 2021 at 11:45 AM Silvio Knizek <killermoe...@gmx.net> wrote: > Am Sonntag, dem 13.06.2021 um 10:49 -0400 schrieb Saint Michael: > > This is not a human attacker, but a robot. My question is: if I apply > > chattr +i to $(pkg-config --variable=systemdsystemconfdir systemd), > > will the OS continue to work fine or this is nonsense? > > Philip > Systemd will work totally fine (except »systemctl edit« probably). But > the point stays: if your attacker has root rights, nothing prevents > them for setting »chattr -i« on the confdir. So IMHO your approach is > futile. > > BR > Silvio > >
_______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel