journal,coredump: do not do ACL magic for "nobody" user either

The "nobody" user might possibly be seen by the journal or coredumping
code if unmapped userns-using processes are somehow visible to them.
Let's make sure we don't do the ACL magic for this user either, since
this is a special system user that might be backed by different real
users in different contexts.

diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c
index cf56a8ad2673481870d79277d3b9b001b8d2b9c1..ead04d4ee153f24ab8a0af2b3cb7bec0ed246cd8 100644 (file)
--- a/src/coredump/coredump.c
+++ b/src/coredump/coredump.c
@@ -165,7 +165,7 @@ static int fix_acl(int fd, uid_t uid) {
 
         assert(fd >= 0);
 
-        if (uid_is_system(uid) || uid_is_dynamic(uid))
+        if (uid_is_system(uid) || uid_is_dynamic(uid) || uid == UID_NOBODY)
                 return 0;
 
         /* Make sure normal users can read (but not write or delete)

diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
index 06c64a46e2ee4745435353cb20ce57fc3f699583..3da3dad2309a316d42e18c856bc1e0a7bc7520c1 100644 (file)
--- a/src/journal/journald-server.c
+++ b/src/journal/journald-server.c
@@ -248,7 +248,7 @@ static void server_add_acls(JournalFile *f, uid_t uid) {
         assert(f);
 
 #if HAVE_ACL
-        if (uid_is_system(uid) || uid_is_dynamic(uid))
+        if (uid_is_system(uid) || uid_is_dynamic(uid) || uid == UID_NOBODY)
                 return;
 
         r = add_acls_for_user(f->fd, uid);
@@ -406,7 +406,7 @@ static JournalFile* find_journal(Server *s, uid_t uid) {
         if (s->runtime_journal)
                 return s->runtime_journal;
 
-        if (uid_is_system(uid) || uid_is_dynamic(uid))
+        if (uid_is_system(uid) || uid_is_dynamic(uid) || uid == UID_NOBODY)
                 return s->system_journal;
 
         r = sd_id128_get_machine(&machine);