Author: marc
Date:
To: dng
Subject: Re: [DNG] new freedesktop "standard": /etc/machine-id

> On 09/03/2019 at 10:03, Didier Kryn wrote:
> >On 09/03/2019 at 09:34, golinux@??? wrote:
> >>I'd recommend adding an inotify rule to record which processes
> >>look at these files, and publishing this - here.
> >
> >Unfortunately inotify doesn't tell which process accessed the file
> >)~:
>
> But fanotify() is perfectly suited (~:
Excellent. There are also tricks involving the audit subsystem, maybe
fuse and certainly strace (strace -e open). I have checked some of my
systems and so far I can see
dnsmasq
udev
dbus
systemd-*
looking at machine ids. Dnsmasq might warrant a close look - hopefully
that id does not get disclosed during dhcp negotiation...
The other three in that list I disable whenever possible already, and
the above provides yet further confirmation this is prudent.
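
The fanotify approach mentioned in this thread, as an added example that is not part of the original message: a small Linux watcher that prints the PID and command name of every process that opens or reads the machine-id file. The helper name `pid_comm` and the output format are assumptions of this example, and it must run as root (CAP_SYS_ADMIN).

```c
/* Added example: log which process opens or reads /etc/machine-id. */
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/fanotify.h>

/* Hypothetical helper: resolve a PID to its command name through
 * /proc/<pid>/comm. Returns 0 on success, or -1 with "?" in out when
 * the process has already exited (short-lived readers race with us). */
int pid_comm(int pid, char *out, size_t len)
{
    char path[64];
    snprintf(path, sizeof path, "/proc/%d/comm", pid);
    FILE *f = fopen(path, "r");
    if (!f || !fgets(out, (int)len, f)) {
        if (f) fclose(f);
        snprintf(out, len, "?");
        return -1;
    }
    fclose(f);
    out[strcspn(out, "\n")] = '\0';   /* strip trailing newline */
    return 0;
}

int main(int argc, char **argv)
{
    const char *target = argc > 1 ? argv[1] : "/etc/machine-id";
    int fan = fanotify_init(FAN_CLASS_NOTIF | FAN_CLOEXEC, O_RDONLY);
    if (fan < 0) { perror("fanotify_init"); return 1; }
    /* Mark only this one file; unlike inotify, events carry the PID. */
    if (fanotify_mark(fan, FAN_MARK_ADD, FAN_OPEN | FAN_ACCESS,
                      AT_FDCWD, target) < 0) { perror("fanotify_mark"); return 1; }
    struct fanotify_event_metadata buf[64], *ev;
    ssize_t n;
    while ((n = read(fan, buf, sizeof buf)) > 0) {
        for (ev = buf; FAN_EVENT_OK(ev, n); ev = FAN_EVENT_NEXT(ev, n)) {
            char comm[64];
            pid_comm(ev->pid, comm, sizeof comm);
            printf("%s pid=%d comm=%s %s\n", target, (int)ev->pid, comm,
                   (ev->mask & FAN_OPEN) ? "open" : "read");
            fflush(stdout);
            if (ev->fd >= 0) close(ev->fd);  /* every event holds an open fd */
        }
    }
    return 0;
}
```

Leave it running across a reboot or service restart to catch daemons that read the id only at startup; entries with `comm=?` are readers that exited before `/proc` could be consulted.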