Am 14.08.19 um 12:41 schrieb Michael Chapman: > On Wed, 14 Aug 2019, Reindl Harald wrote: >> Am 14.08.19 um 12:10 schrieb Ulrich Windl: >>>>>> Michael Chapman <m...@very.puzzling.org> schrieb am 14.08.2019 um 11:47 >>>>>> in >>>> That's all true, but the thing we need to check here is that systemd >>>> correctly handles junk on the /run/systemd/private socket. The change on >>>> the systemctl side certainly tries to prevent incorrect data being sent >>>> down the socket -- though it looks like there's several ways in which >>>> fd_move_above_stdio() can fail, so this isn't foolproof -- but we need to >>>> ensure that some _malicious_ client can't DoS systemd. >>> >>> I don't want to contradict in principle, but doesn't "private socket" mean >>> it's intended to be used by systemd only? Of course being root allows you >>> to use any socket... >> >> may is ask you to read the thread you are responding to? >> nobody is touching the private socket > > systemctl will mostly use /run/systemd/private when run as root
that's not the point - the point is his talking about "doesn't private socket mean" when the code triggering in the thread the issue don't talk to it directly _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
