|
Message-ID: <65f3c8fc-60f9-a678-1ed4-6461fa7a31f5@gentoo.org>
Date: Thu, 6 Jul 2017 00:12:37 +0200
From: Kristian Fiskerstrand <k_f@...too.org>
To: oss-security@...ts.openwall.com, Simon McVittie <smcv@...ian.org>
Subject: Re: systemd fails to parse user that should run
service
On 07/06/2017 12:02 AM, Kristian Fiskerstrand wrote:
> On 07/05/2017 11:58 PM, Simon McVittie wrote:
>> systemd does have a (public, and publically-archived) mailing list, which
>> has a current thread on the subject of this issue.
>>
>> In particular the mail in that thread from Felipe Sateler, and some of
>> the discussion on the upstream bug, touches on reasons why neither
>> "if anything is not as expected, reject the whole unit" nor the current
>> behaviour is right. I suspect the resolution is likely to be something
>> in between.
>
> It would be useful with a reference to the thread in question so this
> can be further looked into.
>
I expect this is the post in question:
https://lists.freedesktop.org/archives/systemd-devel/2017-July/039168.html
,
The post seems to be arguing, without much ambiguity, for a fatal error
on username not existing or not considered valid (which seems like
sensible behavior to me)
--
Kristian Fiskerstrand
OpenPGP keyblock reachable at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.