Detection Library
high · experimental · Linux · AI/ML · T1543.002

LLM Service Modifying Systemd Unit Or Service Config

Detects LLM service processes writing to systemd unit directories (/etc/systemd/system/, /lib/systemd/system/). A process that can create or modify service configurations gains persistent code execution and control over other services on the host; for an LLM-driven process this is excessive agency that should never be granted.

Updated Jan 15, 2025 · Detection Engineering Team

llm · excessive-agency · linux · persistence · owasp-llm06

Problem Statement

systemd unit files define what services run on the host at startup and in response to system events. The system-wide unit directories are root-writable only, so an LLM process that can write there is already running with root privileges, and any unit it drops executes as root on every boot unless the unit itself sets a less privileged User=. The same directory trees also hold drop-in overrides (foo.service.d/*.conf) and the .wants/ and .requires/ symlinks that systemctl enable creates, so both the backdoor unit and the step that activates it land in the monitored paths. On merged-/usr distributions /lib/systemd/system is a symlink to /usr/lib/systemd/system, so telemetry may report either spelling. An LLM process with the ability to create or modify service units has effectively achieved persistent root code execution.

Sample Logs

{"timestamp":"2025-01-15T23:17:45Z","computer_name":"llm-host-01","user":"root","image":"/opt/llm/app/system_configurator.py","target_filename":"/etc/systemd/system/backdoor.service","event_type":"file_create"}

Required Fields

image
target_filename
user
computer_name
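The detection logic below is an added worked example, not the library's own rule code. It evaluates JSON file events of the shape shown in Sample Logs against the four required fields, treats the systemd unit directories and everything beneath them (drop-in .d/ directories and .wants/ or .requires/ symlinks) as in scope, and normalises paths so a traversal-style target such as /tmp/../etc/systemd/system/x.service still matches. The LLM service is assumed to live under /opt/llm/, matching the sample log; that prefix, the extra unit directories, and all of the sample events beyond the page's own are assumptions constructed for the example.

```python
import json
import os
from dataclasses import dataclass
from typing import Iterable, List, Optional

# Directories whose contents systemd loads as unit definitions. /lib/systemd/system
# is a symlink to /usr/lib/systemd/system on merged-/usr systems, so both spellings
# are listed; /run/systemd/system holds runtime units that also execute.
SYSTEMD_UNIT_DIRS = (
    "/etc/systemd/system/",
    "/lib/systemd/system/",
    "/usr/lib/systemd/system/",
    "/run/systemd/system/",
)

# Assumed deployment detail: the LLM service's executables live under /opt/llm/.
LLM_IMAGE_PREFIXES = ("/opt/llm/",)

REQUIRED_FIELDS = ("image", "target_filename", "user", "computer_name")
WRITE_EVENTS = {"file_create", "file_modify", "file_rename", "file_delete"}


@dataclass(frozen=True)
class Alert:
    computer_name: str
    user: str
    image: str
    target_filename: str
    kind: str  # "unit", "drop-in" or "dependency-link"


def _under(path: str, directory: str) -> bool:
    """True if path (after normalising '..' and duplicate slashes) is inside directory."""
    return os.path.normpath(path).startswith(os.path.normpath(directory) + "/")


def classify_unit_write(target: str) -> Optional[str]:
    """Classify a write under a unit directory, or return None if it is out of scope."""
    if not any(_under(target, d) for d in SYSTEMD_UNIT_DIRS):
        return None
    parent = os.path.basename(os.path.dirname(os.path.normpath(target)))
    if parent.endswith(".d"):
        return "drop-in"  # e.g. sshd.service.d/override.conf
    if parent.endswith((".wants", ".requires")):
        return "dependency-link"  # e.g. multi-user.target.wants/backdoor.service
    return "unit"


def is_llm_process(image: str) -> bool:
    return any(_under(image, p) for p in LLM_IMAGE_PREFIXES)


def evaluate(event: dict) -> Optional[Alert]:
    """Return an Alert if the event is an LLM process writing a systemd unit path."""
    if any(not event.get(f) for f in REQUIRED_FIELDS):
        return None  # incomplete telemetry cannot be attributed; do not alert on it
    if event.get("event_type") not in WRITE_EVENTS:
        return None
    if not is_llm_process(event["image"]):
        return None  # package managers and config management write here too
    kind = classify_unit_write(event["target_filename"])
    if kind is None:
        return None
    return Alert(event["computer_name"], event["user"], event["image"],
                 event["target_filename"], kind)


def run(lines: Iterable[str]) -> List[Alert]:
    alerts = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except ValueError:
            continue  # malformed line; a real pipeline would count these
        alert = evaluate(event)
        if alert is not None:
            alerts.append(alert)
    return alerts


# Constructed sample events: the first is the page's own sample log, the rest are
# assumed for illustration. Expected: four alerts (unit, drop-in, dependency-link, unit).
SAMPLE_LOGS = """
{"timestamp":"2025-01-15T23:17:45Z","computer_name":"llm-host-01","user":"root","image":"/opt/llm/app/system_configurator.py","target_filename":"/etc/systemd/system/backdoor.service","event_type":"file_create"}
{"timestamp":"2025-01-15T23:17:46Z","computer_name":"llm-host-01","user":"root","image":"/opt/llm/app/tool_runner.py","target_filename":"/etc/systemd/system/sshd.service.d/override.conf","event_type":"file_create"}
{"timestamp":"2025-01-15T23:17:47Z","computer_name":"llm-host-01","user":"root","image":"/opt/llm/app/tool_runner.py","target_filename":"/etc/systemd/system/multi-user.target.wants/backdoor.service","event_type":"file_create"}
{"timestamp":"2025-01-15T23:17:48Z","computer_name":"llm-host-01","user":"root","image":"/opt/llm/app/tool_runner.py","target_filename":"/tmp/../usr/lib/systemd/system/helper.service","event_type":"file_modify"}
{"timestamp":"2025-01-15T23:18:00Z","computer_name":"llm-host-01","user":"root","image":"/usr/bin/dpkg","target_filename":"/lib/systemd/system/cron.service","event_type":"file_modify"}
{"timestamp":"2025-01-15T23:18:01Z","computer_name":"llm-host-01","user":"root","image":"/opt/llm/app/tool_runner.py","target_filename":"/etc/systemd/logind.conf","event_type":"file_modify"}
{"timestamp":"2025-01-15T23:18:02Z","computer_name":"llm-host-01","user":"","image":"/opt/llm/app/tool_runner.py","target_filename":"/etc/systemd/system/x.service","event_type":"file_create"}
{"timestamp":"2025-01-15T23:18:03Z","computer_name":"llm-host-01","user":"root","image":"/opt/llm/app/tool_runner.py","target_filename":"/etc/systemd/system/x.service","event_type":"file_read"}
"""

if __name__ == "__main__":
    for a in run(SAMPLE_LOGS.splitlines()):
        print(f"CRITICAL {a.computer_name} {a.user} {a.image} -> {a.target_filename} ({a.kind})")
```

The dpkg write, the logind.conf write, the event with an empty user, and the read-only event all fall through without an alert, which is the behaviour the tuning guidance relies on: the rule is scoped by image, not by path alone. Because every match is keyed on a normalised prefix of the unit directory, drop-ins and enable symlinks need no extra patterns.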

False Positives

    Tuning Guidance

    This is a near-zero false positive detection provided the image field is scoped to the LLM service's own executables. Package managers (dpkg, rpm) and configuration management tools also write to these directories, so do not broaden the image match to catch them; they are out of scope for this rule. Include /usr/lib/systemd/system/ and /run/systemd/system/ alongside the two listed paths, since /lib/systemd/system is commonly a symlink and telemetry may report either form. If the LLM service has been given a legitimate tool for managing units, the fix is to remove that capability, not to tune the rule. Any LLM process writing to systemd unit paths should be treated as a critical incident.