Bug#837183: systemd: unprivileged call to systemd-resolve starts systemd-resolved even when masked
Michael Biebl
biebl at debian.org
Fri Sep 9 22:33:52 BST 2016
Am 09.09.2016 um 22:47 schrieb Brian Kroth:
> Package: systemd
> Version: 230-7~bpo8+2
> Severity: normal
> Tags: security
>
> Dear Maintainer,
>
> systemd appears to start systemd-resolved, even when it's been masked,
> in the background even when an unprivileged user calls systemd-resolve.
>
> However, calls to start the service manually via systemctl are rejected
> (correctly).
>
> This seems like an error and a potential security issue.
>
> Details on my test and setup are as follows. Let me know if you have
> any questions or need any other information.
I assume you have libnss-resolve installed and enabled (in /etc/nsswitch)?
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20160909/bc2f53e9/attachment-0002.sig>
More information about the Pkg-systemd-maintainers
mailing list