]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: b9e5a58) | patch
systemd: refuse to load units with errors (CVE-2017-1000082)
authorRoss Burton <ross.burton@intel.com>
Fri, 4 Aug 2017 16:27:00 +0000 (17:27 +0100)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Tue, 29 Aug 2017 14:11:40 +0000 (15:11 +0100)
commite56cb926c170f493ee2a9c4c63d0ecbf883d4685
treeae7e3a98b9212a7dbfddf826138034bd52e95cdbtree | snapshot
parentb9e5a58f64e45be37b9532b20bf22d91257abbd6commit | diff
systemd: refuse to load units with errors (CVE-2017-1000082)

If a unit has a statement such as User=0day where the username exists but is
strictly speaking invalid, the unit will be started as the root user instead.

Backport a patch from upstream to mitigate this by refusing to start units such
as this.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
meta/recipes-core/systemd/systemd/validate-user.patch [new file with mode: 0644] blob
meta/recipes-core/systemd/systemd_230.bb diff | blob | history
Mirror of the official openembedded-core repository