Do not start mpris-proxy for root user

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello,

A default installation of bluez results in the systemd user unit
mpris-proxy.service being started for all users---including root.
This unnecessarily exposes root to any security vulnerability in
mpris-proxy.

Please consider the following trivial patch that changes this
default behavior.

Best,
Antonio Russo


From d9e02494e661109607c073968fa352c1397a1ffb Mon Sep 17 00:00:00 2001
From: Antonio Enrico Russo <aerusso@xxxxxxxxxxx>
Date: Sun, 26 Jan 2025 08:00:26 -0700
Subject: [PATCH] Do not start mpris-proxy for root user

A default installation of bluez results in the systemd user unit
mpris-proxy.service being started for all users---including root.
This unnecessarily exposes root to any security vulnerability in
mpris-proxy.

Inhibit this default behavior by using ConditionUser=!root.

Signed-off-by: Antonio Enrico Russo <aerusso@xxxxxxxxxxx>
---
 tools/mpris-proxy.service.in | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tools/mpris-proxy.service.in b/tools/mpris-proxy.service.in
index 5307490..118ed6e 100644
--- a/tools/mpris-proxy.service.in
+++ b/tools/mpris-proxy.service.in
@@ -4,6 +4,7 @@ Documentation=man:mpris-proxy(1)
Wants=dbus.socket 
 After=dbus.socket
+ConditionUser=!root
[Service] 
 Type=simple
--
2.48.1

Attachment: OpenPGP_0x72DB026E04C1C768.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature.asc
Description: OpenPGP digital signature

[Index of Archives]     [Bluez Devel]     [Linux Wireless Networking]     [Linux Wireless Personal Area Networking]     [Linux ATH6KL]     [Linux USB Devel]     [Linux Media Drivers]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [Big List of Linux Books]

  Powered by Linux