Bug#990349: systemd-sysusers keeps creating systemd-timesync and systemd-coredump

Christoph Anton Mitterer calestyo at scientia.net
Sun Jun 27 14:19:40 BST 2021


On Sun, 2021-06-27 at 15:00 +0200, Michael Biebl wrote:
> I fail to see the security benefit here? What do we gain by (not) 
> pre-allocating a system group like systemd-coredump?

Well, it's not a big issue... but as always: something that is not even
there may not be abused in the first place.


> That said, keep in mind that we have stuff like irc, news, uucp,
> gnats??? in /usr/share/base-passwd/passwd.master that I never used in
> my life.
>
> If we are going down this road, shouldn't we clean up base-passwd
> first to get rid of system users/groups which are from the last
> millennium?

Probably, but that leads even further down the road, i.e. the question
of how Debian handles system user allocations.

Currently there seems to be no real policy at all; most packages simply
assume some name they'd be able to use...
There is, e.g., no checking whether the name is actually free.

Just consider that a local user/group sudo had been created before, and
then sudo is installed.
Sure, one can say: sudo is well known, and it's the admin's own fault.
But an admin can never know all possible names which might ever get
used by some package and imply privileges.

A similar problem exists IMO with the policy to not clean up user/group
names... but also when cleaning them up.


Cheers,
Chris.
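
The pre-existing-name case described in the message above can be audited before a package is installed. This Python sketch is an added example, not part of the original message or of any Debian tool; the watch list, sample group data and function names are constructed for illustration, and the 0-999 system ID range is taken from Debian Policy.

```python
# Added example: classify names that packages assume they may use.
# Debian Policy reserves IDs 0-99 (static) and 100-999 (dynamic) for the
# system; anything above that was allocated as a regular local account.
SYSTEM_ID_MAX = 999

# Hypothetical watch list, using names mentioned in the thread.
WATCHED_NAMES = ("sudo", "systemd-coredump", "systemd-timesync")

# Constructed sample in group(5) format: name:password:GID:member-list
SAMPLE_GROUP = """\
root:x:0:
staff:x:50:
systemd-coredump:x:997:
alice:x:1000:
sudo:x:1001:bob
"""


def parse_group(text):
    """Return {name: (gid, members)} from group(5)-formatted text."""
    groups = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        fields = line.split(":")
        if len(fields) != 4 or not fields[2].isdigit():
            raise ValueError(f"malformed group entry on line {lineno}")
        members = [m for m in fields[3].split(",") if m]
        groups[fields[0]] = (int(fields[2]), members)
    return groups


def audit_names(text, watched=WATCHED_NAMES):
    """Map each watched name to (status, gid, members).

    'free'         - name not allocated yet
    'system-range' - name exists with a system GID
    'local-range'  - name exists with a regular-account GID, i.e. it was
                     created locally before any package claimed it
    """
    groups = parse_group(text)
    report = {}
    for name in watched:
        if name not in groups:
            report[name] = ("free", None, [])
            continue
        gid, members = groups[name]
        status = "system-range" if gid <= SYSTEM_ID_MAX else "local-range"
        report[name] = (status, gid, members)
    return report


if __name__ == "__main__":
    for name, (status, gid, members) in audit_names(SAMPLE_GROUP).items():
        print(f"{name}: {status} gid={gid} members={','.join(members)}")
```

A `local-range` result for a watched name is the case to review by hand: its current members would inherit whatever the package later grants to that name.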



More information about the Pkg-systemd-maintainers mailing list