On Fri, Aug 21, 2015 at 01:10:51PM +0300, Mantas Mikulėnas wrote:

<snip>

> > I think it kind of sucks that systemctl --user list-units can be used to
> > determine who is currently logged in. (It shows active mount units for
> > XDG_RUNTIME_DIR, and since those have the UID as name you can see who is
> > logged in.)
>
> Hmm, and `findmnt` doesn't?

Unpriv users do not have access to mount or findmount in my system, and for
example df -h does not list them because the user is not allowed to get
attributes of tmpfs file systems. So /run/user mounts do not show up in df -h.

> `systemd --user` runs with the same privileges as the user, anyway. So if
> your SELinux policy is more permissive to systemd than regular programs,
> it's a bit weird, not to mention possibly insecure.

From an SELinux policy perspective systemd-user has more permissions than the
user shell in my policy. However, systemd-user will run whatever it can run
with the permissions of the user shell and not with its own permissions. So
you cannot use systemd-user to escalate privileges (although that is the
design; I may have overlooked stuff, as it is pretty complex to contain.)

I am pretty sure that some bright person can find some "holes" in my policy,
but it's far better than no SELinux at all, and it's better than Fedora's
current SELinux policy for restricted users.

> --
> Mantas Mikulėnas <[email protected]>

--
02DFF788 4D30 903A 1CF3 B756 FB48 1514 3148 83A2 02DF F788
http://keys.gnupg.net/pks/lookup?op=vindex&search=0x314883A202DFF788
Dominick Grift
_______________________________________________ systemd-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/systemd-devel
