From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.2 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3BC53C3A59C for ; Fri, 16 Aug 2019 10:00:16 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 0F9A22173B for ; Fri, 16 Aug 2019 10:00:16 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727116AbfHPKAN (ORCPT ); Fri, 16 Aug 2019 06:00:13 -0400 Received: from Galois.linutronix.de ([193.142.43.55]:41897 "EHLO Galois.linutronix.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727104AbfHPKAM (ORCPT ); Fri, 16 Aug 2019 06:00:12 -0400 Received: from [5.158.153.52] (helo=nanos.tec.linutronix.de) by Galois.linutronix.de with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1hyZ1X-0007B7-9x; Fri, 16 Aug 2019 11:59:55 +0200 Date: Fri, 16 Aug 2019 11:59:54 +0200 (CEST) From: Thomas Gleixner To: Jordan Glover cc: Alexei Starovoitov , Andy Lutomirski , Daniel Colascione , Song Liu , Kees Cook , Networking , bpf , Alexei Starovoitov , Daniel Borkmann , Kernel Team , Lorenz Bauer , Jann Horn , Greg KH , Linux API , LSM List Subject: Re: [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf In-Reply-To: Message-ID: References: <20190806011134.p5baub5l3t5fkmou@ast-mbp> <20190814005737.4qg6wh4a53vmso2v@ast-mbp> <20190814220545.co5pucyo5jk3weiv@ast-mbp.dhcp.thefacebook.com> <20190815172856.yoqvgu2yfrgbkowu@ast-mbp.dhcp.thefacebook.com> <20190815230808.2o2qe7a72cwdce2m@ast-mbp.dhcp.thefacebook.com> User-Agent: Alpine 2.21 (DEB 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: On Fri, 16 Aug 2019, Jordan Glover wrote: > "systemd --user" service? Trying to do so will fail with: > "Failed to apply ambient capabilities (before UID change): Operation not permitted" > > I think it's crucial to clear that point to avoid confusion in this discussion > where people are talking about different things. > > On the other hand running "systemd --system" service with: > > User=nobody > AmbientCapabilities=CAP_NET_ADMIN > > is perfectly legit and clears some security concerns as only privileged user > can start such service. While we are at it, can we please stop looking at this from a systemd only perspective. There is a world outside of systemd. Thanks, tglx