you’ve got the option to no longer start and stop daemons.
Systemd is an essential part of the boot process for most Linux distributions.
This prevents a clean system reboot and results in system instability.
After running this command, PID 1 is hung in the pause system call.
you’re able to no longer start and stop daemons.
inetd-style services no longer accept connections.
You cannot cleanly reboot the system.
The bug, which has existed for more than two years, does not require root access to exploit.
The vulnerability is so critical that you cannot cleanly reboot the system.
The system feels generally unstable (e.g.
ssh and su hang for 30 seconds since systemd is now integrated with the login system).
All of this can be because of a command thats short enough to fit in a Tweet.
He says that Systemds problems run far deeper than this one bug.
Ayer says that it is not too late to stop this.
Systemd offers very few compelling features over existing implementations, but does carry a large amount of risk.
If youre an program developer, do not use systemds non-standard interfaces.
There will be better alternatives in the future that are more secure than what we have now.
you might read the bug report on GitHubhere.
Strauss, via ablog postcritical of Ayer, said the vulnerability is a minor security issue.
Strauss says that Ayer is being subjective.
These facilities are degrading gracefully, which is exactly what should happen, he wrote.
Strauss compares the flaw identified by Ayer as a needed Linux function.
Engineering crumple zones on cars isnt evidence that they handle poorly.
Likewise, improving coredump handling for systemd isnt evidence that it crashes frequently, he wrote.
Ayer has rebutted Strauss claims.
The best systemd can offer is whole utility sandboxing.
source: www.techworm.net
