New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
setuid on polkit #32757
Comments
How is it systemd problem? Should not it be reported to polkit project? Unless you suggest replacing polkit with completely different implementation. |
For starters the claim that is made
Why? Polkit never claimed to be a non-setuid tool and I am pretty sure that this is intentional.
Depends. Maybe I am missing something, maybe there are other ways to configure it? I just know that if I disable |
This was brought up in the original issue discussing about the potential implementation of But still, this is not our bug. I do agree that statements like "setuid can be fully disabled immediately/now with run0" are pretty misleading, but that kind of advertisement never appeared in the systemd codebase. |
Kind of a gray area in this statement as it's technically correct, depending on how you look at the concept if "implementation". I would still argue that it's misleading as most will and have assumed that Especially when combined with the next part:
Which firmly states that this can operate without Again, I like |
Bring this to the polkit tracker as an RFE, there's nothing that can be done here. Also note that unlike sudo, polkit's suid binary will not process and run untrusted user payloads, so it's a very, very different situation |
In fact as pointed out by Mike there's already an RFE that provides two possible solutions, so you can start working on that immediately if you want to: https://gitlab.freedesktop.org/polkit/polkit/-/issues/168 |
I think you have the wrong idea here.
Once you launch a root shell, whether this be with |
Once again, you are wasting your time, arguing on this bug tracker is not going to achieve anything, you'd be better off spending the time to implement the linked polkit RFE instead |
The polkit project has also migrated over to github, the new RFE is at polkit-org/polkit#169 |
systemd version the issue has been seen with
256
Used distribution
Debian Testing
Linux kernel version used
6.6.15
CPU architectures issue was seen on
x86_64
Component
No response
Expected behaviour you didn't see
Since
run0
was introduced as a replacement forsudo
on the grounds thatsetuid
is a security risk, I expected this to work on a system withsetuid
disabled.Unexpected behaviour you saw
It seams that polkit depends on
setuid
and therebyrun0
will depend on and use it indirectly. This would mean that the whole idea ofrun0
is mot, which I hope is not the case. I like the idea and have never really been a big fan of the setuid concept. But in order to be a valid replacement for thesetuid
method, it needs to work on systems with this "feature" disabled. Otherwise there is no reason for it to exist.Steps to reproduce the problem
systemd-run
directly./
with thenosuid
option.run0
as a normal user in the allowed group.Additional program output to the terminal or log subsystem illustrating the issue
The text was updated successfully, but these errors were encountered: