AkkomaGang/akkoma
AkkomaGang/akkoma
15
65
Fork 92
Code Issues 177 Pull requests 24 Projects 2 Releases 14 Packages Wiki Activity

Add no_new_privs hardening to OpenRC and systemd service files #575

Merged
floatingghost merged 3 commits from norm/akkoma:no-new-privs into develop 2023-07-27 12:54:45 +00:00
Conversation 2 Commits 3 Files changed 4 +8
norm commented 2023-06-29 06:19:22 +00:00
Contributor
Copy link

Based on upstream Pleroma MR: https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3905

I also added in similar hardening to installation/akkoma.service as well since I don't see why that shouldn't be the case as well.

This will help prevent the Akkoma processes from gaining additional privileges, making it easier to prevent privilege escalation attacks from happening.

Based on upstream Pleroma MR: https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3905 I also added in similar hardening to `installation/akkoma.service` as well since I don't see why that shouldn't be the case as well. This will help prevent the Akkoma processes from gaining additional privileges, making it easier to prevent privilege escalation attacks from happening.
norm force-pushed no-new-privs from 3b54380c2a to 88cd8fa93b 2023-06-29 06:26:49 +00:00 Compare
norm force-pushed no-new-privs from 88cd8fa93b to 0cb57b9fc3 2023-06-29 06:27:48 +00:00 Compare
norm force-pushed no-new-privs from 0cb57b9fc3 to ba505d2b1e 2023-06-29 06:30:53 +00:00 Compare
norm commented 2023-06-29 06:40:42 +00:00
Author
Contributor
Copy link

Just noticed that the systemd file did have that setting at one point but was removed in e7b0840b88 because it apparently broke using sendmail.

I'd argue that most admins don't use sendmail for their emails and there are ways to make sendmail work without set{u,g}id anyways. If someone has to use sendmail with set{u,g}id then they can disable it themselves, while the rest of us can have a mroe secure config.

Just noticed that the systemd file did have that setting at one point but was removed in e7b0840b88838f9e14bd2b09060d89c4a656966c because it apparently broke using sendmail. I'd argue that most admins don't use sendmail for their emails and there are ways to make sendmail work without set{u,g}id anyways. If someone has to use sendmail with set{u,g}id then they can disable it themselves, while the rest of us can have a mroe secure config.
norm force-pushed no-new-privs from ba505d2b1e to db64556306 2023-07-22 06:41:44 +00:00 Compare
floatingghost commented 2023-07-27 12:54:41 +00:00
Owner
Copy link

all good, thanks

all good, thanks
floatingghost merged commit 597a97cca9 into develop 2023-07-27 12:54:45 +00:00
floatingghost deleted branch no-new-privs 2023-07-27 12:54:45 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
approved, awaiting change

   
bug

Something is not working

  
configuration

This requires config changes

  
documentation

This is about human-readable docs

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
extremely low priority

   
feature request

Something new?

  
Fix it yourself

Support has been attempted

  
help wanted

Need some help

  
invalid

Something is wrong

  
mastodon_api

   
needs docs

   
needs tests

   
not a bug

   
planned

   
pleroma_api

   
privacy

   
question

More information is needed

  
static_fe

   
triage

   
wontfix

This won't be fixed

No labels
approved, awaiting change
bug
configuration
documentation
duplicate
enhancement
extremely low priority
feature request
Fix it yourself
help wanted
invalid
mastodon_api
needs docs
needs tests
not a bug
planned
pleroma_api
privacy
question
static_fe
triage
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: AkkomaGang/akkoma#575
No description provided.
Delete branch "norm/akkoma:no-new-privs"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?