Systemd v228 local root exploit

by jake from LWN.net (#2A2ZQ)

Sebastian Krahmer has reported that systemd v228 is vulnerable to a trivial local root exploit that was silently fixed a year ago. It is believed that it mostly affects v228, but he recommends that distributions check to ensure they have the fix. No CVE was requested by the project so the SUSE security team requested one and it was assigned CVE-2016-10156. "The analysis says that is a 'possible DoS', but it's a local root exploit indeed. Mode 07777 also contains the suid bit, so files created by touch() are world writable suids, root owned. Such as /var/lib/systemd/timers/stamp-fstrim.timer that's found on a non-nosuid mount."
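
For distributions checking whether they are affected, the following audit is an added example, not code from the report or from the systemd project. It lists regular files that carry both the setuid and world-writable bits described above and records whether the mount is nosuid; the default directory comes from the path quoted in the report, while the function name and output format are assumptions.

```python
import os
import stat
import sys

# Directory of the stamp file quoted in the report; pass another path to override.
DEFAULT_DIR = "/var/lib/systemd/timers"


def audit_stamp_files(root=DEFAULT_DIR, require_root_owner=True):
    """Return findings for regular files that are both setuid and world-writable.

    Those are the two bits of mode 07777 that matter here: any local user
    can write the file, and the kernel runs it with the owner's identity.
    (Function name and result layout are hypothetical, chosen for this example.)
    """
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: never follow symlinks
                mount_flags = os.statvfs(path).f_flag
            except OSError:
                continue  # file vanished or is unreadable
            if not stat.S_ISREG(st.st_mode):
                continue
            suid = bool(st.st_mode & stat.S_ISUID)
            world_writable = bool(st.st_mode & stat.S_IWOTH)
            if not (suid and world_writable):
                continue
            if require_root_owner and st.st_uid != 0:
                continue
            findings.append({
                "path": path,
                "mode": oct(stat.S_IMODE(st.st_mode)),
                "uid": st.st_uid,
                # The setuid bit is only honoured on mounts without "nosuid".
                "nosuid_mount": bool(mount_flags & os.ST_NOSUID),
            })
    return findings


if __name__ == "__main__":
    results = audit_stamp_files(*sys.argv[1:2])
    for f in results:
        note = "setuid ignored (nosuid)" if f["nosuid_mount"] else "setuid honoured"
        print(f'{f["path"]} mode={f["mode"]} uid={f["uid"]} {note}')
    sys.exit(1 if results else 0)
```

A non-zero exit status means at least one matching file was found; a finding with `nosuid_mount` false corresponds to the "non-nosuid mount" case in the quote.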