On 2025-05-09 08:20, Boyuan Yang wrote:
> Just a reminder: if you are trying to report a sensitive security issue: DO NOT post on debian-devel or other public mailing lists to avoid disclosing it to the public in an unwanted way. Please contact Debian Security Team via secur...@debian.org. If it is about some generic technical discussion, using debian-devel is suitable.
So, my mail is definitely being blocked based on the content. I won't name the specific package, but it involves running code as root that does not need to be, because a systemd user unit is being started for the root user. I really don't think hiding the details (in this specific case) protects anybody, and honestly I think it reduces everyone's safety.

The reason I want to post this to debian-devel is because I'd like to discuss a generic approach to ensuring that systemd user units that are inappropriate for privileged users to start. In particular, I'm advocating for some systemd target that would Conflicts= with units that would have ConditionUser=!root so that administrators could easily prevent things like drkonqi from starting in sensitive user sessions.

I'd also like to confirm there is a policy (or at least agreement) that running code as root unnecessarily is a problem. I bring that up because I'm concerned that the bug I filed may go ignored.

Best,
Antonio
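
An added example, not part of the message above and not code from Debian or systemd: a small audit an administrator could run to see which systemd user units in a directory carry no `ConditionUser=!root` and would therefore also start in root's user session. The unit names and the sample directory are constructed; the check is a literal line match and only looks at drop-ins stored next to the unit.

```shell
#!/bin/sh
# Added example: report systemd user units that lack ConditionUser=!root.
# Simplification: matches a literal "ConditionUser=!root" (or "!0") line in the
# unit file or its drop-ins; it does not evaluate resets or "|" triggers, and
# it only reads drop-ins in DIR/NAME.d/, not those in other search paths.

GUARD_RE='^[[:space:]]*ConditionUser[[:space:]]*=[[:space:]]*!(root|0)[[:space:]]*$'

# units_without_root_guard DIR
# Prints the name of each service/socket/timer/path unit in DIR with no guard.
units_without_root_guard() {
    dir=$1
    for unit in "$dir"/*.service "$dir"/*.socket "$dir"/*.timer "$dir"/*.path; do
        [ -f "$unit" ] || continue
        set -- "$unit"                      # unit file ...
        for dropin in "$unit.d"/*.conf; do  # ... plus its drop-in fragments
            if [ -f "$dropin" ]; then set -- "$@" "$dropin"; fi
        done
        if ! grep -Eq "$GUARD_RE" "$@"; then
            basename "$unit"
        fi
    done
}

# make_sample_units DIR: constructed sample units (hypothetical names).
make_sample_units() {
    mkdir -p "$1/crash-helper.service.d"
    printf '[Unit]\nConditionUser=!root\n[Service]\nExecStart=/bin/true\n' \
        > "$1/indexer.service"
    printf '[Service]\nExecStart=/bin/true\n' > "$1/notifier.service"
    printf '[Service]\nExecStart=/bin/true\n' > "$1/crash-helper.service"
    printf '[Unit]\nConditionUser=!root\n' \
        > "$1/crash-helper.service.d/10-no-root.conf"
    printf '[Socket]\nListenStream=%%t/agent.sock\n' > "$1/agent.socket"
}

# Demo on the constructed sample; point the function at /usr/lib/systemd/user
# or /etc/systemd/user to audit a real system.
sample=$(mktemp -d)
make_sample_units "$sample"
units_without_root_guard "$sample"   # prints notifier.service, agent.socket
rm -rf "$sample"
```

A unit reported here is a candidate for review, not proof of a problem: some user units are legitimately useful in a root session.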