Bug#890891: systemd: PID1 getting stuck printing "systemd[1]: Time has been changed" continuously
Michael Biebl
biebl at debian.org
Tue Feb 20 13:09:21 GMT 2018
Am 20.02.2018 um 13:57 schrieb Gert Wollny:
> Am Dienstag, den 20.02.2018, 13:33 +0100 schrieb Michael Biebl:
>> Am
>>
>>> make it lock up in this loop, but if someone can spoof this kind of
>>> message and the system locks up because of this, wouldn't this be a
>>> typical DoS attack?
>>
>> How could an unprivileged user spoof such messages?
>
> I am by no means a security expert, but doesn't the story usually go:
> someone finds a bug that allows an escalation of rights that allows
> them to do certain things, in the extreme case they can open a root
> shell, in another case they may be able to set the RTC to a bogus value
> that triggers the kernel to flood timerfd with messages that lock up
> the system. Of course that is not a very likely scenario, but to me it
> seems possible.
If an attacker can get a root shell, you have lost anyway.
As for the other cases, those are all hypothetical at this point, right?
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20180220/e892bfcd/attachment-0002.sig>
More information about the Pkg-systemd-maintainers
mailing list