:(){ :|: };: @jgoguen

Systemd has a bug where user names starting with a digit cause the user daemon to run with root privileges. According to the creator of systemd, this is not a bug and everything is fine. The reason everything is fine is because names like this, which are explicitly permitted by the base standards, are forbidden and tools shouldn't allow creating these names, so it's a bug in the tools for permitting names permitted by the standard.

Fsck systemd.

github.com/systemd/systemd/iss

@jgoguen Yeah, it's a bug which should probably be fixed (hopefully Poettering will come to that decision, too).
Nevertheless it's not the end of the world: You need a root user to create a service file with an invalid user name first and then have the admin not read the logs after this.

@schmittlauch @jgoguen poettering is an incompetent, centralistic null and systemd is a sack of shit. EOF.

@schmittlauch @jgoguen @XOR Has anyone tested how non-Systemd systems handle the same issue?

@rochelimit @schmittlauch @XOR On BSD and pre-systemd systems, even systemd using "not systemd" to start the process, this works as expected. There are some exceptions where some tools refuse to allow you to create users named like this, but if you do it anyway you don't end up with a user process running as root.

@schmittlauch Never have I ever convinced an admin to install a package without checking the contents nor the post-install scripts ;)

Also never have I ever seen an admin who doesn't even know where to look for various logs…

@jgoguen How could a filesystem check help here? Can't find anything about this exploit in man fsck.

@astralboy There's a one-letter replacement in "fsck" that would require a language warning on this. It's also what people generally say when they have to run fsck ;-)

@jgoguen This is 90s Microsoft. Policy was to implement the standard how they thought it should work, not what the standard actually said.

@squinky Embrace, Extend, Extinguish! I remember this -_-