:: Re: [DNG] systemd allows elevated a…
Página Inicial
Delete this message
Reply to this message
Autor: Evilham
Data:  
Para: dng
Assunto: Re: [DNG] systemd allows elevated access from unit files?
Am 03/07/2017 um 17:57 schrieb KatolaZ:
> On Mon, Jul 03, 2017 at 10:45:29AM -0500, dev wrote:
>> On 07/03/2017 10:40 AM, Evilham wrote:
>> <snip>
>>
>>> That's the thing, we can do that :-) probably should, but the "right
>>> way" (from a standards point of view) would be to actually allow those
>>> names ^^ not to disallow them. So instead of modifying the way useradd
>>> works, the way adduser works should be fixed (so, shadow).
>>
>> That was easy ;) Seems to be a flag for that.
>>
>> # adduser 0day --force-badname
>> Allowing use of questionable username.
>> Adding user `0day' ...
>> Adding new group `0day' (1000) ...
>> Adding new user `0day' (1000) with group `0day' ...
>> Creating home directory `/home/0day' ...
>> Copying files from `/etc/skel' ...
>> Enter new UNIX password:
>
> When you think to have found something totally wrong in unix, you most
> probably have not looked deep enough :)


Yeah, there's also some env var that can be set. My point was taht the
names are not allowed by default with some tools but with others they
are and they are OK according to the standard, and that makes it quirky.

Although I think it'd be better if they were allowed by default
(consistency + standard compliance), TBH I'd be totally ok with not
touching either adduser nor useradd; it's only an issue with disastrous
decisions somewhere else.
--
Evilham