The attacker is a robot trying to copy a *.service to /etc/systemd/services. This single measure may keep me in business.
Thanks for the information.
On Sun, Jun 13, 2021 at 11:45 AM Silvio Knizek <killermoehre@xxxxxxx> wrote:
Am Sonntag, dem 13.06.2021 um 10:49 -0400 schrieb Saint Michael:
> This is not a human attacker, but a robot. My question is: if I apply
> chattr +i to $(pkg-config --variable=systemdsystemconfdir systemd),
> will the OS continue to work fine or this is nonsense?
> Philip
Systemd will work totally fine (except »systemctl edit« probably). But
the point stays: if your attacker has root rights, nothing prevents
them for setting »chattr -i« on the confdir. So IMHO your approach is
futile.
BR
Silvio
_______________________________________________ systemd-devel mailing list systemd-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/systemd-devel
