[Arm-netbook] severe systemd bugs (two of them)

Erik Auerswald auerswal at unix-ag.uni-kl.de
Mon Jul 3 11:00:48 BST 2017


Hi,

On Mon, Jul 03, 2017 at 10:26:51AM +0200, Philip Hands wrote:
> Luke Kenneth Casson Leighton <lkcl at lkcl.net> writes:
> 
> > https://it.slashdot.org/story/17/07/03/0343258/severe-systemd-bug-allowed-remote-code-execution-for-two-years
> >
> > two years.  that's how long one of these bugs has been in systemd.
> > *via a remote network*.  what the hell is an init system doing being
> > accessible *via DNS queries*?
> 
> If you read the summary of the article to the second line, you'll note
> that it is talking about 'systemd-resolved' -- so not the init at all.
> 
> Yes, I know that it was stupid to call all these disparate bits of the
> SystemD project systemd-$whatever, because it's just asking for people
> to do what you just did, but I really expect _you_ to understand that
> there is more than one executable involved in systemd, and that not all
> of them can possibly run as process 1, all at once.

An init system comprises many processes. System V init e.g. uses shell
scripts to start services. The whole system is called System V init.

Systemd is supposed to replace the complete init system, not just the
process with PID 1. In addition, it adds lots of other functionality (DNS
resolver, DHCP client, network configuration, desktop session management,
...), all of which existed and worked before the systemd replacements.

Thanks,
Erik
-- 
If it ain't broke, don't fix it.


