loading...

Systemd security w/o User directive

fcfn profile image Peter Timoshevsky ・1 min read

So every systemd service whose unit file has no User directive runs as the root user. Are there any security implications of this? Should I not run untrusted code as a service w/o using User directive or does systemd have some sort of permission sandboxing even though the processes run as root?

Discussion

markdown guide
 

I guess no security measures are taken by default, as there is a bunch of things you can do to sandbox services the way you want.