]> git.ipfire.org Git - thirdparty/systemd.git/commit
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fd3b207) | patch
core: add 'DefaultRestrictSUIDSGID' config option
authorGrimmauld <Grimmauld@grimmauld.de>
Tue, 8 Jul 2025 19:21:25 +0000 (21:21 +0200)
committerGrimmauld <Grimmauld@grimmauld.de>
Wed, 9 Jul 2025 09:08:34 +0000 (11:08 +0200)
commit30bbdf07710960c135c36723a2cb063c0a3abb5d
treefcc3fe5001305a9aba5dfbf0c127109341a59c3atree | snapshot
parentfd3b2070111e7830721ec9204f8fcdd7baac9074commit | diff
core: add 'DefaultRestrictSUIDSGID' config option

closes #37602

On typical systems, only few services need to create SUID/SGID files.
This often is limited to the user explicitly setting suid/sgid, the
`systemd-tmpfiles*` services, and the package manager. Allowing a default
to globally restrict creation of suid/sgid files makes it easier to apply
this restriction precisely.
src/core/main.c diff | blob | blame | history
src/core/manager.c diff | blob | blame | history
src/core/manager.h diff | blob | blame | history
src/core/system.conf.in diff | blob | blame | history
src/core/unit.c diff | blob | blame | history
src/core/user.conf.in diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.