Hi Joel, Joel Rees <[email protected]> writes: > (6) systemd and cgroups (at minimum) end up overriding the permissions > system. It's bad enough having SELinux and ACLs brought in to knock > holes in the permissions system, but when arbitrary non-kernel system > functions start getting their hands into the equation, there is no way > to be sure that when you set any particular file under /etc or under > ~/ -- including /etc/ssh and ~/.shh -- as mode 740, that the effective > permissions don't end up 666 or 1147. In this case, even pid 1 is a > group of arbitrary non-kernel functions. > > Permissions and race conditions are not the only ways that the > modularity of these technologies is broken. I'm not going to try to > enumerate them here.
I'm interested how use of systemd and cgroups will make a file in /etc/ssh or ~/.ssh change effective permissions. Could you explain that in simple, reproducible steps? Ansgar -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
