Michael Orlitzky wrote:
> On 12/6/20 11:57 AM, Martin Vaeth wrote:
>> Michael Orlitzky wrote:
>>>
>>> Why are you focusing on /tmp and /var/tmp?
>> Because only world-writable directories are the ones which
>> can be exploited unless the tmpfiles.conf author does
>> something malevolent or extrem
On 12/6/20 11:57 AM, Martin Vaeth wrote:
Michael Orlitzky wrote:
Why are you focusing on /tmp and /var/tmp?
Because only world-writable directories are the ones which
can be exploited unless the tmpfiles.conf author does
something malevolent or extremely stupid.
This is completely untrue,
antlists wrote:
> On 06/12/2020 07:55, Martin Vaeth wrote:
>> Dale wrote:
>>> It sounds like a rather rare problem. Maybe even only during boot up.
>
>> It is a non-existent problem on openrc if you clean /tmp and /var/tmp
>> on boot (which you should do if you use opentmp):
>
> Which breaks a lo
Michael Orlitzky wrote:
>
> Why are you focusing on /tmp and /var/tmp?
Because only world-writable directories are the ones which
can be exploited unless the tmpfiles.conf author does
something malevolent or extremely stupid.
> To pick a relevant example
relevant?
> If that was a 'Z' entry, or
Michael wrote:
>
> Given M.Orlitzky's comments and discussions with systemd devs he shared,
> what's the optimal solution for OpenRC users, who want to avoid systemd?
Simply stay with opentmpfiles.
> Rely on ebuild creators and maintainer checks to guard against these inherent
> vulnerabilities?
On Sun, Dec 6, 2020 at 8:45 AM Michael wrote:
>
> The objectives of RHL and Poettering are not necessarily aligned
> with mine. For example, as I was installing sys-apps/systemd-tmpfiles I
> noticed systemd selecting as default DNS and NTP servers belonging to Google.
> Not something I would cons
On Sunday, 6 December 2020 13:01:40 GMT antlists wrote:
> On 06/12/2020 12:54, Rich Freeman wrote:
> > I think the idea of having something more cross-platform is a good
> > one, though there is nothing really about systemd that isn't "open" -
> > it is FOSS. It just prioritizes using linux syscal
On 12/6/20 2:55 AM, Martin Vaeth wrote:
Dale wrote:
It sounds like a rather rare problem. Maybe even only during boot up.
It is a non-existent problem on openrc if you clean /tmp and /var/tmp
on boot (which you should do if you use opentmp):
The purpose of opentmpfiles is to fill these dire
On 06/12/2020 12:54, Rich Freeman wrote:
I think the idea of having something more cross-platform is a good
one, though there is nothing really about systemd that isn't "open" -
it is FOSS. It just prioritizes using linux syscalls where they are
useful over implementing things in a way that work
On 06/12/2020 07:55, Martin Vaeth wrote:
Dale wrote:
It sounds like a rather rare problem. Maybe even only during boot up.
It is a non-existent problem on openrc if you clean /tmp and /var/tmp
on boot (which you should do if you use opentmp):
Which breaks a lot of STANDARDS-COMPLIANT softw
On Sun, Dec 6, 2020 at 7:37 AM Neil Bothwick wrote:
>
> Maybe the devs need to rename the systemd-tmpfiles package to satisfy
> those that break out in a sweat at the mention of the s-word :)
Or maybe people who care a great deal about the filenames of stuff
just could rename them as they prefer?
On Sun, 6 Dec 2020 at 13:37, Neil Bothwick wrote:
> Despite the claims that systemd is
> monolithic, it is not. It is an ecosystem comprised of many parts, some
> of which can be used without any other systemd components, like
> systemd-tmpfiles and systemd-boot, not to mention udev.
Despite repe
On Sun, 06 Dec 2020 10:45:38 +, Michael wrote:
> Given M.Orlitzky's comments and discussions with systemd devs he
> shared, what's the optimal solution for OpenRC users, who want to avoid
> systemd?
systemd-tmpfiles != systemd. Despite the claims that systemd is
monolithic, it is not. It is a
On Sunday, 6 December 2020 07:55:29 GMT Martin Vaeth wrote:
> Dale wrote:
> > It sounds like a rather rare problem. Maybe even only during boot up.
>
> It is a non-existent problem on openrc if you clean /tmp and /var/tmp
> on boot (which you should do if you use opentmp):
>
> The purpose of ope
Dale wrote:
>
> It sounds like a rather rare problem. Maybe even only during boot up.
It is a non-existent problem on openrc if you clean /tmp and /var/tmp
on boot (which you should do if you use opentmp):
The purpose of opentmpfiles is to fill these directories with
certain data during boot, an
15 matches
Mail list logo
