On 21/01/16 18:12, Charles Duffy wrote:
> I have a setuid-root executable
... and now you have two problems? :-)
setuid executables are inherently dangerous: they run with one set of
privileges (their euid), but their environment variables, resource
limits, inherited file descriptors, etc. are co
On Thu, 21.01.16 18:12, Charles Duffy (char...@dyfis.net) wrote:
> Howdy --
>
> I have a setuid-root executable from which I'm trying to start or stop a
> service. However, when invoking systemctl from this executable -- for which
> geteuid() returns 0 -- the control socket is rejected when the r
> From: Charles Duffy
> To: "systemd-devel@lists.freedesktop.org" de...@lists.freedesktop.org>
> Date: 01/21/2016 10:12 AM
> Subject: [systemd-devel] euid 0 not honored authenticating control
socket?
> Sent by: "systemd-devel"
>
> Howdy --
>
&
Howdy --
I have a setuid-root executable from which I'm trying to start or stop a
service. However, when invoking systemctl from this executable -- for which
geteuid() returns 0 -- the control socket is rejected when the ruid does
not match (such that the executable was invoked from a less-privile