Bug#1093870: systemd: enable tty-mode=0600 for trixie
Luca Boccassi
bluca at debian.org
Fri Jan 24 09:56:57 GMT 2025
On Fri, 24 Jan 2025 01:38:21 +0100 Chris Hofstaedtler <zeha at debian.org>
wrote:
> Control: tags -1 - moreinfo
>
> On Thu, Jan 23, 2025 at 07:18:39PM +0000, Luca Boccassi wrote:
> > On Thu, 23 Jan 2025 18:17:28 +0100 Chris Hofstaedtler <zeha at debian.org>
> > wrote:
> > > Source: systemd
> > > Version: 257.2-2
> > >
> > > please apply this commit to the systemd that trixie will get:
> > >
> > > https://github.com/systemd/systemd/commit/a4d18914751e687c9e44f22fe4e5f95b843a45c8
> > >
> > > It already changes the default to the value that we want (0600).
> >
> > This is quite an invasive patch, that would make stable release
> > maintenance more painful and time consuming. Can it not wait for
> > Forky? Are there any pressing issues that would be solved with this
> > backport?
>
> The old defaults are a partial security problem (depending on who
> you ask). Previously users could call "mesg n" to be safe, and some
> root bashrcs seem to do that (maybe even by default in some
> releases).

Can you please clarify the security problem it solves on the upstream
PR? If that's the case then it's a candidate for upstream stable
backports too, and then it can be picked from there.