Request 921086 (accepted)

Overview

Request 921086 accepted

Automatic systemd hardening effort by the security team. This has not been tested. For details please see https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort

Created by jsegitz about 3 years ago
In state accepted
Package maintainer: pevik

Submit iputils

Comments for request 921086 0

Request History

jsegitz created request about 3 years ago

Automatic systemd hardening effort by the security team. This has not been tested. For details please see https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort

pevik accepted request about 3 years ago

systemd doc [1] notes that ProtectKernelLogs disables syscall syslog(2), but libc syslog(3) and vsyslog(3) are supported because that are used in rdisc.c [2], when run with -d (which we don't use anyway). I also verified that it prints to syslog when run with -d.

Thanks!

[1] https://www.freedesktop.org/software/systemd/man/systemd.exec.html#ProtectKernelLogs=
[2] https://github.com/iputils/iputils/blob/master/rdisc.c

Places

Overview