nanog mailing list archives
Re: Linux: concerns over systemd adoption and Debian's decision to switch
From: John Schiel <jschiel () flowtools net>
Date: Wed, 22 Oct 2014 14:22:58 -0600
On 10/22/2014 01:30 PM, Valdis.Kletnieks () vt edu wrote:
On Wed, 22 Oct 2014 13:13:29 -0600, John Schiel said:i was beginning to wonder how secure systemd is also.One of the 3 CIA pillars of security is "availability". And if it's oh-dark-30, figuring out what symlink is supposed to be where for a given failed systemd unit can be a tad challenging. At least under sysvinit, either /etc/rc5.d/S50foobar is there or it isn't(*). And if they carry through on their systemd-console threat, that could get even worse - that introduces a whole new pile of risks for being unable to diagnose early boot bugs So yeah, there's security issues other than "can it be hacked because it's got a huge surface area".
Agreed, the "oh-dark-thirty" call outs will be harder to resolve but I'm sure some folks will learn to deal with it. It's new and changes the job but as was noted earlier, there is always change.
My concern is with the "large surface area". Does that expose the daemon to more vulnerabilities because it does more or does one daemon make it easier to protect against multiple vulnerabilities? I don't know, that's where the research needs to be done.
--John
(*) Unless you're really having a bad night and it's a hard link to /dev/sda1 or something. :)
Current thread:
- Re: Linux: concerns over systemd adoption and Debian's decision to switch, (continued)
- Re: Linux: concerns over systemd adoption and Debian's decision to switch Daniel Corbe (Oct 22)
- Re: Linux: concerns over systemd adoption and Debian's decision to switch Andrew Sullivan (Oct 22)
- Re: Linux: concerns over systemd [OT] Randy Bush (Oct 22)
- Re: Linux: concerns over systemd [OT] Barry Shein (Oct 23)
- Re: Linux: concerns over systemd adoption and Debian's decision to switch Jeffrey Ollie (Oct 22)
- Re: Linux: concerns over systemd adoption and Debian's decision to switch Jamie Lawrence (Oct 23)
- Re: Linux: concerns over systemd adoption and Debian's decision to switch Miles Fidelman (Oct 23)
- Re: Linux: concerns over systemd adoption and Debian's decision to switch John Schiel (Oct 22)
- Re: Linux: concerns over systemd adoption and Debian's decision to switch Jeffrey Ollie (Oct 22)
- Re: Linux: concerns over systemd adoption and Debian's decision to switch Valdis . Kletnieks (Oct 22)
- Re: Linux: concerns over systemd adoption and Debian's decision to switch John Schiel (Oct 22)
- Re: Linux: concerns over systemd adoption and Debian's decision to switch Jeffrey Ollie (Oct 22)
- Re: Linux: concerns over systemd adoption and Debian's decision to switch Miles Fidelman (Oct 22)
- Re: Linux: concerns over systemd adoption and Debian's decision to switch Randy Bush (Oct 22)
- Re: Linux: concerns over systemd adoption and Debian's decision to switch Jeffrey Ollie (Oct 22)
- Re: Linux: concerns over systemd adoption and Debian's decision to switch Jeffrey Ollie (Oct 22)
- Re: Linux: concerns over systemd adoption and Debian's decision to switch Israel G. Lugo (Oct 22)
- Re: Linux: concerns over systemd adoption and Debian's decision to switch Jay Ashworth (Oct 24)
- Re: Linux: concerns over systemd adoption and Debian's decision to switch George Herbert (Oct 22)
- Re: Linux: concerns over systemd adoption and Debian's decision to switch Jeffrey Ollie (Oct 22)
- Re: Linux: concerns over systemd adoption and Debian's decision to switch Rich Kulawiec (Oct 22)