git.ipfire.org Git - thirdparty/systemd.git/commitdiff
coredump: set ProtectHome to read-only
author: Etienne Cordonnier <ecordonnier@snap.com>
Fri, 6 Sep 2024 08:36:28 +0000 (10:36 +0200)
committer: Lennart Poettering <lennart@poettering.net>
Fri, 6 Sep 2024 11:30:36 +0000 (13:30 +0200)
In https://github.com/systemd/systemd/pull/5283/commits/924453c22599cc246746a0233b2f52a27ade0819
ProtectHome was set to true for systemd-coredump in order to reduce risk, since an attacker could craft a malicious binary in order to compromise systemd-coredump.
At that point the object analysis was done in the main systemd-coredump process.
Because of this systemd-coredump is unable to produce symbolicated call-stacks for binaries running under /home ("n/a" is shown instead of function names).

However, later in https://github.com/systemd/systemd/commit/61aea456c12c54f49c4a76259af130e576130ce9 systemd-coredump was changed to do the object analysis in a forked process,
covering those security concerns.

Let's set ProtectHome to read-only so that systemd-coredump produces symbolicated call-stacks for processes running under /home.

units/systemd-coredump@.service.in

index 012c60d2f6848067e9122e46ce9aaa4b116e444e..fa3206d07b5dfecd91a1889b86de079b6e5ec0b8 100644 (file)
@@ -28,7 +28,7 @@ PrivateDevices=yes
 PrivateNetwork=yes
 PrivateTmp=yes
 ProtectControlGroups=yes
-ProtectHome=yes
+ProtectHome=read-only
 ProtectHostname=yes
 ProtectKernelModules=yes
 ProtectKernelTunables=yes
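Review bot: the hunk relaxes a hardening setting (ProtectHome=yes to ProtectHome=read-only) without leaving any comment in the unit file explaining why that is now acceptable; suggest a comment line directly above `ProtectHome=read-only` that states the reason given in the commit message (object analysis of the crashed binary now happens in a forked process), so a later hardening pass does not silently revert it. Worth spelling out there as well that read-only still lets the service open and parse arbitrary binaries under /home, so the risk from a crafted ELF now rests entirely on the isolation of that forked analysis process rather than on this directive.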