On Di, 16.10.18 18:14, Amish (anon.amish@xxxxxxxxx) wrote: > Hello, > > I am interested in knowing how safe D and R directives for tmpfiles.d are? > > If by some accident OR some packagers malicious intent - someone places a > file with "R /" in tmpfiles.d, would this erase everything? We refuse requests to delete the root dir: https://github.com/systemd/systemd/blob/master/src/basic/rm-rf.c#L168 > Does systemd have a way of specifying that R and D should be applicable only > for /tmp or /var/{cache,run,tmp} only? When you invoke the systemd-tmpfiles binary you could specify --prefix= to drop it's effect on non-listed prefixes. > I could not locate anything on man page. see systemd-tmpfiles(8). Generally though: the directories where systemd-tmpfiles reads its configuration from are owned by root and not writable by unprivileged users. Moreover, the snippets are nothing you sloppily enter on the command line, it's not a user-facing concept. Hence there's much less chance to be misused on purpose or by accident. Lennart -- Lennart Poettering, Red Hat _______________________________________________ systemd-devel mailing list systemd-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: How safe are D and R directives for systemd-tmpfiles?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: How safe are D and R directives for systemd-tmpfiles?
- From: Lennart Poettering <lennart@xxxxxxxxxxxxxx>
- Date: Tue, 16 Oct 2018 15:33:07 +0200
- Cc: systemd-devel@xxxxxxxxxxxxxxxxxxxxx
- In-reply-to: <562a1e7b-0914-d1ff-5179-37a1dd62c4f8@gmail.com>
- References: <562a1e7b-0914-d1ff-5179-37a1dd62c4f8@gmail.com>
- Follow-Ups:
- References:
- Prev by Date: How safe are D and R directives for systemd-tmpfiles?
- Next by Date: Global nspawn container settings
- Previous by thread: How safe are D and R directives for systemd-tmpfiles?
- Next by thread: Re: How safe are D and R directives for systemd-tmpfiles?
- Index(es):
 |