From 6a010ac9e5aa585637b4b79df92f8ca5537faf71 Mon Sep 17 00:00:00 2001
From: Lennart Poettering
Date: Wed, 4 Jun 2014 09:55:40 +0200
Subject: bus-proxy: drop priviliges if we can

Either become uid/gid of the client we have been forked for, or become the "systemd-bus-proxy" user if the client was root. We retain CAP_IPC_OWNER so that we can tell kdbus we are actually our own client.
---
 units/systemd-bus-proxyd@.service.in | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'units/systemd-bus-proxyd@.service.in')

diff --git a/units/systemd-bus-proxyd@.service.in b/units/systemd-bus-proxyd@.service.in
index fafd4ce033..3dc2cd9e65 100644
--- a/units/systemd-bus-proxyd@.service.in
+++ b/units/systemd-bus-proxyd@.service.in
@@ -12,9 +12,11 @@ Description=Legacy D-Bus Protocol Compatibility Daemon
 # The first argument will be replaced by the service by information on
 # the process requesting the proxy, we need a placeholder to keep the
 # space available for this.
-ExecStart=@rootlibexecdir@/systemd-bus-proxyd xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+ExecStart=@rootlibexecdir@/systemd-bus-proxyd --drop-privileges xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
 NotifyAccess=main
-CapabilityBoundingSet=CAP_IPC_OWNER
+CapabilityBoundingSet=CAP_IPC_OWNER CAP_SETUID CAP_SETGID CAP_SETPCAP
 PrivateTmp=yes
 PrivateDevices=yes
 PrivateNetwork=yes
+ReadOnlySystem=yes
+ProtectedHome=yes
-- 
cgit v1.2.3-54-g00ecf
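Review bot: The two added lines `ReadOnlySystem=yes` and `ProtectedHome=yes` should be checked against the directive names the unit-file parser in this tree actually accepts; in released systemd these settings are spelled `ProtectSystem=` and `ProtectHome=`, and an unrecognized lvalue is only logged as a warning and ignored at load time, so a mismatch would silently drop the filesystem restriction rather than fail the unit. The widened `CapabilityBoundingSet=` now keeps CAP_SETUID, CAP_SETGID and CAP_SETPCAP in the bounding set for the proxy's whole lifetime, which is needed for the `--drop-privileges` switch but presumably no longer needed afterwards; whether the daemon narrows its own bounding set once it has changed uid is outside this hunk and worth confirming. A one-line comment above the capability line, such as `# CAP_SETUID/CAP_SETGID/CAP_SETPCAP are needed only for --drop-privileges; CAP_IPC_OWNER is what the proxy keeps`, would make the intent of the enlarged set clear to the next reader.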