On Mon, Sep 22, 2014 at 10:35:59AM +0900, Joel Rees wrote: > 2014/09/22 5:21 "Ansgar Burchardt" <ans...@43-1.org>: > > > > Hi Joel, > > > > Joel Rees <joel.r...@gmail.com> writes: > > > (6) systemd and cgroups (at minimum) end up overriding the permissions > > > system. It's bad enough having SELinux and ACLs brought in to knock > > > holes in the permissions system, but when arbitrary non-kernel system > > > functions start getting their hands into the equation, there is no way > > > to be sure that when you set any particular file under /etc or under > > > ~/ -- including /etc/ssh and ~/.shh -- as mode 740, that the effective > > > permissions don't end up 666 or 1147. In this case, even pid 1 is a > > > group of arbitrary non-kernel functions. > > > > > > Permissions and race conditions are not the only ways that the > > > modularity of these technologies is broken. I'm not going to try to > > > enumerate them here. > > > > I'm interested how use of systemd and cgroups will make a file in > > /etc/ssh or ~/.ssh change effective permissions. Could you explain that > > in simple, reproducible steps? > > When I can, I'll file a bug report. If ever. > > I know the theory, so I don't use those, so it's not a high priority for me. > > If you are interested, read the manuals,do the math, it falls out, even > though the manuals are written with a certain bias.
So why post what you did above? Could you please stop spreading FUD! -- "If you're not careful, the newspapers will have you hating the people who are being oppressed, and loving the people who are doing the oppressing." --- Malcolm X -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140922142730.GG21153@tal
