nanog mailing list archives
Re: Linux: concerns over systemd adoption and Debian's decision to switch
From: Jeffrey Ollie <jeff () ocjtech us>
Date: Wed, 22 Oct 2014 14:24:40 -0500
On Wed, Oct 22, 2014 at 2:13 PM, John Schiel <jschiel () flowtools net> wrote:
> On 10/22/2014 10:43 AM, C. Jon Larsen wrote:
>> Incorrect assumption. systemd is a massive security hole waiting to happen and it does not follow the unix philosophy of do 1 thing and do it well/correct.
>
> I was beginning to wonder how secure systemd is also.

Personally, I feel that the systemd developers have given a lot of thought to security, both in the systemd code itself and because systemd makes it practical to use advanced features of the Linux kernel that can improve security.

One example is the fact that systemd makes it very easy to give a service a private /tmp and /var/tmp directory that no other service uses by using Linux's filesystem namespaces. That can avoid all sorts of tmpfile race conditions that have caused problems in the past. Doing that in sysvinit, while possible, wasn't easy because you'd have to modify each init.d script (and redo the change every time upstream released a new update) to create/manage the filesystem namespace. In practice it was never done.

--
Jeff Ollie
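
The private /tmp and /var/tmp described in the message above is switched on per service with systemd's PrivateTmp= directive. The following is an added example, not part of the original message and not systemd's own code: a small audit that reports which services lack that setting, including when it is supplied by a local override fragment instead of an edit to the packaged unit. The service names, paths and unit text are constructed, and the sketch assumes only [Service] sections need to be examined.

```python
# Added example: report which services lack a private /tmp (PrivateTmp=).
TRUE = {"1", "yes", "true", "on"}    # boolean spellings systemd accepts
FALSE = {"0", "no", "false", "off"}

def private_tmp(unit_text, dropins=()):
    """Effective PrivateTmp= in [Service]: 'on', 'off' or 'unrecognized:<value>'.

    The main unit is read first, then each drop-in in order; the last
    assignment wins. An absent directive means 'off' (systemd's default).
    """
    state = "off"
    for text in (unit_text, *dropins):
        section = None
        for raw in text.splitlines():
            line = raw.strip()
            if not line or line[0] in "#;":
                continue                      # blank line or comment
            if line.startswith("[") and line.endswith("]"):
                section = line[1:-1]          # entering a new section
                continue
            key, sep, value = line.partition("=")
            if section != "Service" or not sep or key.strip() != "PrivateTmp":
                continue
            v = value.strip().lower()
            state = "on" if v in TRUE else "off" if v in FALSE else f"unrecognized:{v}"
    return state

def audit(units):
    """units maps name -> (unit_text, [dropin_text, ...]); returns names without a private /tmp."""
    return sorted(n for n, (u, d) in units.items() if private_tmp(u, d) != "on")

# Constructed sample units (hypothetical service names and paths).
LEGACY = "[Unit]\nDescription=Legacy daemon\n\n[Service]\nExecStart=/usr/sbin/legacyd\n"
HARDENED = "[Service]\nExecStart=/usr/sbin/newd\n# isolate temp files\nPrivateTmp=yes\n"
DROPIN = "[Service]\nPrivateTmp=true\n"   # a local override fragment for legacyd

if __name__ == "__main__":
    fleet = {"legacyd.service": (LEGACY, []), "newd.service": (HARDENED, [])}
    print("before override:", audit(fleet))
    fleet["legacyd.service"] = (LEGACY, [DROPIN])
    print("after override: ", audit(fleet))
```

A value the check does not recognise is reported as unrecognized and counted as lacking the setting, so it surfaces in the audit rather than passing silently.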