core: imply NNP and SUID/SGID restriction for DynamicUser=yes service v239-26
author Lennart Poettering <lennart@poettering.net>
Wed, 20 Mar 2019 19:19:38 +0000 (20:19 +0100)
committer The Plumber <50238977+systemd-rhel-bot@users.noreply.github.com>
Wed, 19 Feb 2020 13:56:29 +0000 (14:56 +0100)
commit 11f5677752f9b78239214b3064e5a2c3712d71b1
tree 011230085f5c6131a4e2b083a0034c1f7933c7c7
parent b0573f1a6f8022aed4954d5ca19cc037d25cd5e7
core: imply NNP and SUID/SGID restriction for DynamicUser=yes service

Let's be safe, rather than sorry. This way DynamicUser=yes services can
neither take benefit of, nor create SUID/SGID binaries.

Given that DynamicUser= is a recent addition only we should be able to
get away with turning this on, even though this is strictly speaking a
binary compatibility breakage.

(cherry picked from commit bf65b7e0c9fc215897b676ab9a7c9d1c688143ba)
Resolves: #1687512
man/systemd.exec.xml
src/core/unit.c