Comment # 8 on bug 1090647 from 
(In reply to Matthias Gerstner from comment #4)
> The following findings resulted from this:
> 
> - /etc/machine-id is world-writeable which is probably not what was intended.
>   The reason is found in the systemd spec file:
> 
>   if [ $1 -eq 1 ]; then
>           touch     %{_sysconfdir}/machine-id
>           chmod 666 %{_sysconfdir}/machine-id
>   fi
> 
> - Each process started from within the KDE login inherits a couple of open
>   UNIX domain socket file descriptors. Just open up a konsole and check ls -l
>   /proc/self/fd. These descriptors are open for read/write. They seem to be
>   connected to plasmashell process also running as the logged in user. So it
>   hopefully doesn���t pose a security issue. Anyways, inheriting those file
>   descriptors to arbitrary user processes does not look like a good idea. But
>   probably it is some great KDE concept in action that we���re seeing here?

Please file bugs. Especially the systemd one needs to be fixed ASAP

You are receiving this mail because: