Lennart Poettering on Nostr: If set, a UID is dynamically allocated for a service when it starts and released ...
If set, a UID is dynamically allocated for a service when it starts and released again when it stops. This is fantastic for many payloads, as it means UID-based security isolation is available cheaply without having to pre-allocate everything statically. You can just fire off a quick service with its own UID here and there, and this does not result in "sticky" UID allocations in /etc/passwd.
RuntimeDirectory=/StateDirectory=/CacheDirectory=/LogsDirectory= are really useful in the…
Published at
2024-12-13 10:17:19Event JSON
{
"id": "a38110380fec371f71bf446eaff8f5822609704e4e0087f3a1a4c523b00876da",
"pubkey": "1d95c32d9a9d95a54f98eb2eaa156f3d3a71dc49eca2c960b2b89962758f1cc0",
"created_at": 1734085039,
"kind": 1,
"tags": [
[
"e",
"48e7f91646ea5d059239deb61baba245f63d4b947ad9fe29a7e0f689b580dbbd",
"wss://relay.mostr.pub",
"reply"
],
[
"proxy",
"https://mastodon.social/users/pid_eins/statuses/113644997171686472",
"activitypub"
]
],
"content": "If set, a UID is dynamically allocated for a service when it starts and released again when it stops. This is fantastic for many payloads, as it means UID-based security isolation is available cheaply without having to pre-allocate everything statically. You can just fire off a quick service with its own UID here and there, and this does not result in \"sticky\" UID allocations in /etc/passwd.\n\nRuntimeDirectory=/StateDirectory=/CacheDirectory=/LogsDirectory= are really useful in the…",
"sig": "c4b6ada2c4f569f1b32030885d7c82945cff02946d4edb6a6d98a64106e44f123bb8a0f9eb8b4a24a0c6d67a37b18fb42b3aa482ce87f944644e5ee2c690fdf9"
}
