Hacker News new | past | comments | ask | show | jobs | submit login

The attack vector this article doesn't mention is systems where systemd unit files are generated automatically.

For example, on some shared clusters I used there was a capability to request a service run as your user. This was before systemd at the time so it would end up generating an /etc/init.d entry, but I imagine a modern equivalent might generate a unit file.

So this article downplays the vulnerability a bit by claiming you have to trick a sysadmin when you could actually just use an automated service management system.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact