Hi

On Tue, Jul 21, 2015 at 1:24 PM, Florian Weimer <[email protected]> wrote:
> And that's fine. But doing hardening for UID=0 services seems a very
> bad practice to me because it looks like someone is assuming that UID=0
> without capabilities is just another “nobody” user. Which is not
> surprising, because capabilities are often advertised that way.
The capability restrictions are used as additional access restrictions. They're never treated as ultimate/definite restriction. If a service runs as uid=0, then there's usually an immediate need for it. In most cases we drop access rights after setup. The only exceptions I'm aware of are logind and pid1, which require uid=0 (if run on host).

Thanks
David

_______________________________________________
systemd-devel mailing list
[email protected]
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
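The distinction the thread turns on (uid 0 with a reduced capability set is still root for discretionary access control, it just has fewer kernel-level overrides) is easy to lose when auditing a host, because `ps` shows only the uid. The following audit helper is an added example, not part of this thread and not systemd's own code: it parses the text of a `/proc/<pid>/status` file, decodes the `CapEff`/`CapPrm`/`CapBnd` hex masks into capability names, and classifies the process so that "uid 0 with no effective capabilities" is reported as exactly that rather than as an unprivileged process. The `demo-daemon` status text is constructed for the example; the capability bit numbers follow `linux/capability.h`.

```python
"""Audit helper (added example): read /proc/<pid>/status text, decode the
capability sets and say what the uid/capability combination means."""
import sys

# Capability bit numbers as defined in linux/capability.h (bit 0 = CAP_CHOWN).
CAP_NAMES = [
    "chown", "dac_override", "dac_read_search", "fowner", "fsetid", "kill",
    "setgid", "setuid", "setpcap", "linux_immutable", "net_bind_service",
    "net_broadcast", "net_admin", "net_raw", "ipc_lock", "ipc_owner",
    "sys_module", "sys_rawio", "sys_chroot", "sys_ptrace", "sys_pacct",
    "sys_admin", "sys_boot", "sys_nice", "sys_resource", "sys_time",
    "sys_tty_config", "mknod", "lease", "audit_write", "audit_control",
    "setfcap", "mac_override", "mac_admin", "syslog", "wake_alarm",
    "block_suspend", "audit_read", "perfmon", "bpf", "checkpoint_restore",
]

# Constructed sample: a uid-0 service whose bounding set was cut down to
# net_bind_service and sys_chroot, with only net_bind_service effective.
SAMPLE_UID0 = """Name:\tdemo-daemon
Uid:\t0\t0\t0\t0
Gid:\t0\t0\t0\t0
CapInh:\t0000000000000000
CapPrm:\t0000000000040400
CapEff:\t0000000000000400
CapBnd:\t0000000000040400
CapAmb:\t0000000000000000
"""


def decode_caps(hex_mask):
    """Turn a CapXxx hex value from /proc/<pid>/status into capability names."""
    mask = int(hex_mask, 16)
    names = []
    for bit in range(mask.bit_length()):
        if (mask >> bit) & 1:
            # Bits newer than our table are still reported, just unnamed.
            names.append(CAP_NAMES[bit] if bit < len(CAP_NAMES) else "cap_%d" % bit)
    return names


def parse_status(text):
    """Extract the process name, the four uids and the capability sets."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    real, effective, saved, fsuid = (int(x) for x in fields["Uid"].split())
    return {
        "name": fields.get("Name", "?"),
        "uid": {"real": real, "effective": effective, "saved": saved, "fs": fsuid},
        "caps": {
            "effective": decode_caps(fields["CapEff"]),
            "permitted": decode_caps(fields["CapPrm"]),
            "bounding": decode_caps(fields["CapBnd"]),
        },
    }


def classify(info):
    """Name the privilege class; any of the four uids being 0 counts as root,
    because a saved or real uid of 0 can be switched back to without caps."""
    is_root = 0 in info["uid"].values()
    has_caps = bool(info["caps"]["effective"])
    if is_root and not has_caps:
        return "uid-0-no-caps"      # still owner of every root-owned file
    if is_root:
        return "uid-0-with-caps"
    if has_caps:
        return "non-root-with-caps"
    return "unprivileged"


def report(text):
    """One-line summary suitable for a host inventory."""
    info = parse_status(text)
    return "%s: %s uid=%d eff=[%s] bnd=[%s]" % (
        info["name"], classify(info), info["uid"]["effective"],
        ",".join(info["caps"]["effective"]), ",".join(info["caps"]["bounding"]))


if __name__ == "__main__":
    # With no argument, audit the running process itself.
    path = sys.argv[1] if len(sys.argv) > 1 else "/proc/self/status"
    with open(path) as f:
        print(report(f.read()))
    print(report(SAMPLE_UID0))
```

Run it as `python3 capaudit.py /proc/<pid>/status` for each service of interest; a line reading `uid-0-no-caps` is the case Florian describes, a root-owned process that DAC still treats as root, and should be reviewed for whether the uid could be dropped too rather than filed as hardened.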
