|
Message-ID: <20170705222806.u44tcrhruczgpkb7@perpetual.pseudorandom.co.uk> Date: Wed, 5 Jul 2017 23:28:06 +0100 From: Simon McVittie <smcv@...ian.org> To: oss-security@...ts.openwall.com Subject: Re: systemd fails to parse user that should run service On Thu, 06 Jul 2017 at 00:02:58 +0200, Kristian Fiskerstrand wrote: > On 07/05/2017 11:58 PM, Simon McVittie wrote: > > systemd does have a (public, and publically-archived) mailing list, which > > has a current thread on the subject of this issue. > > > > In particular the mail in that thread from Felipe Sateler, and some of > > the discussion on the upstream bug, touches on reasons why neither > > "if anything is not as expected, reject the whole unit" nor the current > > behaviour is right. I suspect the resolution is likely to be something > > in between. > > It would be useful with a reference to the thread in question so this > can be further looked into. The systemd mailing list is indexed by major search engines. I deliberately didn't provide a link, in the hope that a small barrier to entry will lead to fewer responses reiterating what has already been said, and a correspondingly greater chance of a response not getting lost in the noise from someone who has read the context and will propose a patch that achieves the desired result without breaking intended functionality (in particular "graceful degradation" when units released in upstream projects are interpreted by an older systemd, so that upstreams can opt-in to new security hardening flags without making their software inoperable in currently-deployed systemd versions). Of course, if I was an exemplary open source developer I would have been spending my free time on writing that patch instead of getting drawn into conversations on oss-security, so perhaps this is partially my fault now. S
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.