back to article Create a user called '0day', get bonus root privs – thanks, Systemd!

To obtain root privileges on a Linux distribution that utilizes systemd for initialization, start with an invalid user name in the systemd.unit file. Linux usernames are not supposed to begin with numbers, to avoid ambiguity between numeric UIDs and alphanumeric user names. Nevertheless, some modern Linux distributions, like …

Page:

  1. cbars

    Arghhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh

    Fucking Poettering.

    That is all.

    1. Graham Dawson
    2. thames

      This is classic Poettering. "I never make mistakes, if it doesn't work you must be doing something wrong". Too many of the Systemd "team" think the same way.

      Does anyone remember this previous el Reg story? https://www.theregister.co.uk/2014/04/05/torvalds_sievers_dust_up/

      Here's Linux Torvalds firing a torpedo at Systemd developer Kay Sievers after a Systemd bug made Linux systems unbootable and the Systemd "team" refused to fix it, saying that everyone else had to rewrite their code to work around it because Systemd was perfect:

      "Key, [sic] I'm f*cking tired of the fact that you don't fix problems in the code *you* write, so that the kernel then has to work around the problems you cause," Torvalds fumed, adding that he wouldn't merge any more of Sievers' code into the kernel until he cleans up his act.

      As we can see, nothing has really changed since that was written in 2014.

    3. Dan 55 Silver badge
      Facepalm

      Nevertheless, some modern Linux distributions, like RHEL7 and CentOS, allow this.

      Red Hat you say? That place where Poettering works?

      As you say, fucking Poettering.

      1. John Smith 19 Gold badge
        Unhappy

        "Nevertheless, some modern Linux distributions, like RHEL7 and CentOS, allow this."

        OK this guy sounds like the classic "My code is soooo precious" programmer but why do these (and only these) distros do this?

        Does systemd do it to be compatible with them?

        Under what circumstances is this behavior actually useful?

        I can't think of a reason, other than some one cocked up development and others are playing follow-the-leader but is that the case?

        1. Dan 55 Silver badge

          Re: "Nevertheless, some modern Linux distributions, like RHEL7 and CentOS, allow this."

          It doesn't matter if it's useful or not, it's used in some distributions and systemd should be able to cope with it.

          And someone at Red Hat should remind him who he works for and force him to open that bug again and fix it as otherwise it's a potential security problem on their own OS.

          1. Eddy Ito Silver badge
            Trollface

            Re: "Nevertheless, some modern Linux distributions, like RHEL7 and CentOS, allow this."

            There's an easy explanation for why it behaves this way. It's for the special super users 5eyes and 4NSAonly.

            Just one icon? Ok, I'll go with this one.

      2. td0s

        I remember trying to get support on the pulse audio mailing list - another of his fine creations, and being told (by Lennart) it was buggy alsa drivers that were at fault, not pulse audio so I should take up my problems with the alsa developement team.

        The alsa drivers were obviously fine, the problem was in pulse (admittedly in an early incarnation) but the attitude was already there.

        1. John Brown (no body) Silver badge
          Joke

          "but the attitude was already there."

          <tinfoil hat>

          Could Poettering be an MS deep cover agent?

          </tinfoil hat>

          1. Kiwi

            Could Poettering be an MS deep cover agent?

            Lemme see... Buggy code with potentially significant security flaws? Check

            Horrible attitude towards other? Check

            Utter refusal to fix bugs? Check

            Arrogant fuckwit who thinks he is God's gift rather than satan's diarrhea? Check

            Nah, couldn't possibly be...

            1. Swarthy Silver badge
              WTF?

              @Kiwi

              You left off the bit where Systemd looks and acts an awful (and I do mean Awful!) lot like the Windows registry; what with binary configuration files and logs that need the program itself to read them.

              So if Systemd* crashes, it writes to a binary log, which requires Systemd* to load up to read the logs - What could go wrong?

              *or the bits o' windows that read/handle the Registry

              1. ShelLuser
                Joke

                @Swarthy

                "So if Systemd* crashes, it writes to a binary log, which requires Systemd* to load up to read the logs - What could go wrong?"

                Now, now... you just need to adapt to the new way of Linux'ing. No need to be critical ;)

                It will only be a few months before the Samba stack gets imported into systemd and after that you can easily access those logs right after booting with your trusty Windows 10 environment.

    4. ShelLuser
      Black Helicopters

      @cbars

      Well, the company he works for is said to be a major vendor of commercial Linux support. You don't really expect him to remove a potential for revenue income, do you?

  2. Gene Cash Silver badge

    "the project's refusal to address it has frustrated users and developers"

    And THAT right there, more than anything, even more than the creeping featurism of systemd itself, is the reason people hate it.

    1. Graham Dawson

      Poettering's arrogance is the reason the "project" refuses to address it. He will insist that clear, replicable bugs aren't actually bugs and that people are just using it wrong.

      We're past microsoft and into Apple territory now. "It just works", as long as you hold it right.

      1. Uffish

        Temporary Apple Fanboy Here

        Much to my surprise I find myself defending Apple against the slur on it's name. Apple is NOT as loathsome as Lennart Poettering.

        1. Graham Dawson
          Pint

          Re: Temporary Apple Fanboy Here

          I'll drink to that.

  3. Anonymous Coward
    Anonymous Coward

    the problem with clueless amateurs...

    This is a more generic problem in the open source community. People creating things as a hobby who just don't quite 'get' all those older principles us grey hairs used to live by and enterprises, anybody with a connection to the wild internet really, have to live by - like the principle of least privilege, like fail-safe over fail-soft (which may mean not being so forgiving about bad input!), like learning from the mistakes of others rather than continually choosing to repeat them yourself (to be fair this one is much more widespread than the FOSS community) and the list goes on.

    1. bombastic bob Silver badge
      Devil

      Re: the problem with clueless amateurs...

      implies Poettering is a clueless amateur, I take it. no argument from me!

      I particularly dislike the use of 'exceptions' rather than checking return values. It's seems to be worse coming from the Python crowd...

      It would be nice to run these clueless amateurs through a 'programming boot camp' where you ONLY get to code in 'C', and you MUST check buffer sizes and return values for things like "the file wasn't opened" and "attempting to overflow the buffer".

      (and of course, check that the username is a VALID user name, and don't assume root privs when it's *NOT*)

      yeah, I'd have a clue-bat, a clue-by-four, and a cat-5-o-nine-tails ready at all times

      1. Destroy All Monsters Silver badge

        Re: the problem with clueless amateurs...

        must return values for things like "the file wasn't opened" and "attempting to overflow the buffer

        Any other good ideas from the medieval era?

        1. Anonymous Coward
          Anonymous Coward

          Re: the problem with clueless amateurs...

          WOW, basic input validation seen as medieval era....

          Amazing!

          1. Natalie Gritpants

            Re: the problem with clueless amateurs...

            A lot of good things started in the medieval period. The rule of law, human rights, better farming, universities and distillation. OK, not some many comp-sci inventions.

            1. John Smith 19 Gold badge
              Pint

              A lot of good things started in the medieval period. ..not some many comp-sci inventions.

              but you missed the most important

              Brewing.

              1. jake Silver badge

                Re: A lot of good things started in the medieval period. ..not some many comp-sci inventions.

                Brewing started long before the Medieval period.

                1. LDS Silver badge

                  "Brewing started long before the Medieval period."

                  It's fermentation, like wine. Not distillation.

                2. John Smith 19 Gold badge

                  Brewing started long before the Medieval period.

                  I stand corrected.

                  Well actually I'll be slumping down but it's much the same.

                  1. jake Silver badge
                    Pint

                    Re: Brewing started long before the Medieval period.

                    No worries. After imbibing a few, one century looks pretty much like another.

                    This round's on me :-)

              2. nijam Silver badge

                Re: A lot of good things started in the medieval period. ..not some many comp-sci inventions.

                Brewing predates the medieval era by many centuries.

              3. Doctor Syntax Silver badge

                Re: A lot of good things started in the medieval period. ..not some many comp-sci inventions.

                "Brewing."

                That started much earlier.

            2. Anonymous Coward
              Anonymous Coward

              Re: the problem with clueless amateurs...

              "A lot of good things started in the medieval period"

              That's nothing compared to the Roman times.

              1. 's water music Silver badge
                Coat

                Re: the problem with clueless amateurs...

                >>"A lot of good things started in the medieval period"

                That's nothing compared to the Roman times.

                Why, what did the Romans ever do for us?

                1. chuckufarley

                  Re: Why, what did the Romans ever do for us?

                  You mean besides crappy fonts? You might want to watch "The Life of Brian" as this topic is well covered in the movie.

              2. This post has been deleted by its author

            3. LDS Silver badge

              "A lot of good things started in the medieval period."

              Ehm, the rule of law started a little before. Hammurabi could tell something, and the Roman law formed the basis for the rule of law in Europe.

              Universal human rights are a product of Enlightenment, medieval people and religions were fully satisfied with slavery, castes, sentencing free thinkers, etc. etc.

              1. Doctor Syntax Silver badge

                Re: "A lot of good things started in the medieval period."

                "Universal human rights are a product of Enlightenment"

                Magna carta (1215) made such a good start at this that it took about 800 years before May managed to remove the concept of due process. The presumption of innocence didn't actually come from there but was introduced, I think from France, also in medieval times (maybe this is a further reason why May is in favour of Brexit - all these foreigners with inconvenient principles of law).

                1. Anonymous Coward
                  Anonymous Coward

                  Re: "A lot of good things started in the medieval period."

                  The presumption of innocence didn't actually come from there but was introduced, I think from France

                  I had a vague memory France had the opposite under Napolean Code, but a quick DuckDuckGo suggests I had this wrong.

                  Cool. Learned something new (or rather "corrected erroneous data in my head") :)

            4. Anonymous Coward
              Anonymous Coward

              Re: the problem with clueless amateurs...

              A lot of good things started in the medieval period.

              Killing the unbelievers, invading overseas contries in order to get their resources... erm, bringing democracy, rule of law for the commoners.

              1. jake Silver badge

                Re: the problem with clueless amateurs...

                Killing unbelievers and invading overseas countries in order to get their resources started long before the medieval period. In fact, both started roughly when brewing started (thus bringing us full circle).

          2. Anonymous Coward
            Anonymous Coward

            Re: the problem with clueless amateurs...

            All the validation goes in the web page. Like, duh!

          3. Anonymous Coward
            Anonymous Coward

            "WOW, basic input validation seen as medieval era...."

            No, it's clueless return values which are from a medieval era. The "file was not open". Nice. But why it wasn't opened? Was it an RTL error? Was it an OS error? If it was an OS error, what was the original OS error? Do I have a chance to retry it, or not?

            The issue with simple return values is they are "monodimensional" and may lose information along the way.

            My best practice is "if you can add information to an error, but never remove from". So if a deeply nested routine encounters an OS I/O error, for example, it needs to pass this error to its callers, which may add more information, to allow the higher level one understand what it could do with the error.

          4. Fatman
            WTF?

            Re: the problem with clueless amateurs...

            <quote>WOW, basic input validation seen as medieval era....

            Amazing!</quote>

            What do you expect from those dumb fucking millennials? Experience??

        2. hplasm Silver badge
          Devil

          Re: the problem with clueless amateurs...

          "Any other good ideas from the medieval era?"

          The Iron Maiden - with Poettering inside it?

          p.s. SystemD now has an emoji :- U-1F4A9

          What do you mean it's taken?

          1. Pirate Dave
            Pirate

            Re: the problem with clueless amateurs...

            "The Iron Maiden - with Poettering inside it?"

            So are you saying Poettering's theme song should be Iron Maiden's "Powerslave"? It seemingly fits...

        3. Dan 55 Silver badge
          Devil

          Re: the problem with clueless amateurs...

          Isn't not checking and acting properly on return values part of this very bug?

          Yeah, I'm going to consider this a bad user ID so I'm not going to change to it, I'll carry on as root as I can't stop as I'm booting the system, so I'll just stick a warning in the log and hope that somebody reads it.

          Later when somebody files a bug report...

          ITS THERE BAD SOFTWARE!!!!11!11!1

          I mean he works for the same employer that makes Red Hat (which considers it a good user ID), FFS.

          1. Alan Brown Silver badge

            Re: the problem with clueless amateurs...

            "I mean he works for the same employer that makes Red Hat (which considers it a good user ID), FFS."

            If you've ever been a redhat customer, you'll discover that the same attitude pervades the company.

      2. Stoneshop Silver badge
        Facepalm

        FTFY

        It would be nice to run these clueless amateurs

        out on a rail, with tar and feathers added

      3. John Smith 19 Gold badge
        Coat

        "yeah, I'd have a clue-bat, a clue-by-four, and a cat-5-o-nine-tails ready at all times"

        Bob, one day those liberal values of yours will be the death of you.

      4. maffski

        Re: the problem with clueless amateurs...

        'I particularly dislike the use of 'exceptions' rather than checking return values.'

        I'll take structured exception handling over return values all day thank you. Especially if the return value includes the evil of GetLastError

      5. Anonymous Coward
        Anonymous Coward

        "I particularly dislike the use of 'exceptions' "

        The lack of exceptions if one of the reasons that makes C code so fragile and vulnerable. Even after you checked return codes you may have issue properly handling (i.e. freeing resources) and propagating errors without exceptions, usually needing a lot more fragile code and hacks (like gotos).

        A small error, and code will keep on happily running in an unstable state, often creating exploitable vulnerabilities. There is also the need to propagate error information, with in C requires to use some static data somewhere, and additional "geterror" calls, hoping they were made thread-safe.

        C++ didn't address the issue fully because of its obsession for RAII (which lead to the need of smartpointers - another hack needed to solve a design issue, but not everybody understands and use them properly). That's why we see lots of vulnerabilities around in C/C++ code.

        Then there are many ways to use exceptions the wrong way as well.

        But it's only amateurs that believe C is the perfect language, and it was creates as such.

    2. This post has been deleted by a moderator

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019