Platform services must NOT run as root and MUST use a dedicated system user

Description

Most (all?) system daemons should run with a dedicated user and optionally a dedicated group and SMACK label.
Also, the service should be run with a minimal set of capabilities(7).

For more information, check the security blueprint

Daemons to secure include (list is not exhaustive and may depend on profiles):

  • weston / weston-keyboard

  • dbus

  • journald/syslogd/klogd

  • bluez

  • ofono

  • connman + WPA supplicant

  • neard (NFC)

  • pulseaudio (depending on whether it's in the user session or not)

  • AudioManager + DLT (still used?)

  • security-manager (if not removed)

  • lightmediascanner / rygel

  • MostNetworkManager

Individual issues (subtasks) should be created for each case.
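A per-service check for the policy described above, as an added example that is not part of the original issue or of AGL's code. It assumes the daemons are started from systemd system units; the unit contents, the user name `example-daemon` and the SMACK label `System::Example` are constructed placeholders.

```python
# Added example (not AGL code): audit systemd unit text against this issue's policy.
# Unit contents, user names and labels below are constructed placeholders.
def service_settings(unit_text):
    """Parse [Service] into {key: value}; simplification: last assignment wins."""
    settings, section = {}, None
    for raw in unit_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif section == "Service" and "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip()] = value.strip()
    return settings

def audit(unit_text):
    """Return finding codes; an empty list means the unit passes."""
    s = service_settings(unit_text)
    findings = []
    dynamic = s.get("DynamicUser", "").lower() in ("yes", "true", "1", "on")
    # In a system unit, a missing or empty User= means the service starts as root.
    if not dynamic and s.get("User", "") in ("", "root", "0"):
        findings.append("root-user")
    bound = s.get("CapabilityBoundingSet")
    if bound is None:
        findings.append("no-capability-bound")  # full set stays available
    elif bound.startswith("~"):
        findings.append("capability-denylist")  # prefer an explicit allow-list
    # The issue treats the SMACK label as optional; reported for review only.
    if "SmackProcessLabel" not in s:
        findings.append("no-smack-label")
    return findings

ROOT_UNIT = """
[Unit]
Description=Example daemon (constructed sample)
[Service]
ExecStart=/usr/bin/example-daemon
"""
HARDENED_UNIT = """
[Service]
ExecStart=/usr/bin/example-daemon
User=example-daemon
SmackProcessLabel=System::Example
CapabilityBoundingSet=CAP_NET_ADMIN
AmbientCapabilities=CAP_NET_ADMIN
"""
if __name__ == "__main__":
    print(audit(ROOT_UNIT), audit(HARDENED_UNIT))
```

An empty `CapabilityBoundingSet=` passes the check because systemd treats it as the empty capability set.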

Environment

None

Activity

Jan-Simon Moeller 
May 6, 2021 at 12:12 PM

Closing. Reopen if necessary.

Stephane Desneux 
September 3, 2020 at 1:08 PM

Sorry, we don't currently have time to investigate this topic. I suggest leaving it open or reassigning it to someone else.

Walt Miner 
September 2, 2020 at 12:02 PM

Can you create some sub-task tickets for some services that still need to be worked on so I can assign those out? 

jose bollo 
September 2, 2020 at 11:29 AM

From lines 92 to 97 of service.inc (see [1]) the answer is yes.

But some services still run as root. The framework itself is an example.

[1] https://git.automotivelinux.org/src/app-framework-main/tree/conf/unit/service.inc#n94

Walt Miner 
September 1, 2020 at 1:54 PM

Is this issue complete? Can it be RESOLVED?

Incomplete

Created April 18, 2017 at 1:08 PM
Updated July 13, 2021 at 4:35 PM
Resolved May 6, 2021 at 12:12 PM