[OT] /etc/machine-id "must not be exposed in untrusted environments"

To: debian-devel@lists.debian.org
Subject: [OT] /etc/machine-id "must not be exposed in untrusted environments"
From: Marvin Renich <mrvn@renich.org>
Date: Thu, 8 Aug 2019 15:20:28 -0400
Message-id: <[🔎] 20190808192028.vu2hwb7rmt7eiiw2@basil.wdw>

This is related to the thread Generating new IDs for cloning, but is
probably OT for this list.  I guess this is really a question for
systemd maintainers?  Should I file a bug?

The man page for machine-id says:

  This ID uniquely identifies the host. It should be considered
  "confidential", and must not be exposed in untrusted environments, in
  particular on the network.

Why is the file mode 0666?  Does it need to be non-root readable?  If
so, how can it be prevented from being exposed on the network if there
is any user access from the network?  Is this really a security concern?

...Marvin

Reply to:

Follow-Ups:
- Re: [OT] /etc/machine-id "must not be exposed in untrusted environments"
  - From: Sven Joachim <svenjoac@gmx.de>
- Re: [OT] /etc/machine-id "must not be exposed in untrusted environments"
  - From: Simon McVittie <smcv@debian.org>
- Re: [OT] /etc/machine-id "must not be exposed in untrusted environments"
  - From: Jim Popovitch <jim@k4vqc.com>

Prev by Date: RE:Generating new IDs for cloning
Next by Date: Re: Please stop hating on sysvinit (was Re: do packages depend on lexical order or {daily,weekly,monthly} cron jobs?)
Previous by thread: Bug#934253: ITP: xdg-utils-cxx -- Implementation of the Free Desktop Standards in C++.
Next by thread: Re: [OT] /etc/machine-id "must not be exposed in untrusted environments"
Index(es):
- Date
- Thread