DEV Community

loading...

Systemd security w/o User directive

Peter Timoshevsky
I'm a hacker, in the original sense of the word
・1 min read

So every systemd service whose unit file has no User directive runs as the root user. Are there any security implications of this? Should I not run untrusted code as a service w/o using User directive or does systemd have some sort of permission sandboxing even though the processes run as root?

Discussion (1)

Collapse
fcfn profile image
Peter Timoshevsky Author

I guess no security measures are taken by default, as there is a bunch of things you can do to sandbox services the way you want.