Re: [systemd-devel] Trusting systemd vs. trusting daemons

2013-06-06 Thread Lennart Poettering
On Sat, 18.05.13 02:18, David Strauss (da...@davidstrauss.net) wrote: > > On Thu, May 16, 2013 at 11:39 PM, Aaron Faanes wrote: > > So my question, simply, is this: Should I prefer running a process as > > root knowing that it chroots itself, or should I run it as non-root > > and chroot it via

Re: [systemd-devel] Trusting systemd vs. trusting daemons

2013-05-18 Thread David Strauss
On Thu, May 16, 2013 at 11:39 PM, Aaron Faanes wrote: > So my question, simply, is this: Should I prefer running a process as > root knowing that it chroots itself, or should I run it as non-root > and chroot it via systemd? I support the "trust systemd; don't trust the daemon" model going forwar

Re: [systemd-devel] Trusting systemd vs. trusting daemons

2013-05-17 Thread Cristian Rodríguez
On 17/05/13 02:39, Aaron Faanes wrote: So my question, simply, is this: Should I prefer running a process as root knowing that it chroots itself, or should I run it as non-root and chroot it via systemd? Well, systemd enforces restrictions at the kernel level, while other software usually

Re: [systemd-devel] Trusting systemd vs. trusting daemons

2013-05-17 Thread Ian Pilcher
On 05/17/2013 01:39 AM, Aaron Faanes wrote: > So my question, simply, is this: Should I prefer running a process as > root knowing that it chroots itself, or should I run it as non-root > and chroot it via systemd? The choice implied by your subject doesn't really exist. You're already trusting s

[systemd-devel] Trusting systemd vs. trusting daemons

2013-05-17 Thread Aaron Faanes
Hello! First of all, I love systemd. It's a great tool to use and it's been a pleasure to work with. Anyway, I was writing up a socket-activated systemd service for a public read-only rsync server. When the rsync daemon serves a share, it chroots into the share's directory by default. Of course,