Linux

47984 readers

1208 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago

MODERATORS

[email protected]

-81

Systemd is far from being perfect (discuss.online)

submitted 10 months ago by [email protected] to c/[email protected]

40 comments fedilink hide all child comments

Systemd-init has a larger attack surface compared to runit, openrc, or sysVinit.
Systemd-logind relies on systemd, so we need to adapt it for non-systemD distributions to ensure compatibility with certain applications like GNOME.
Udev also depends on systemd.
SystemD is specific to Linux, which makes porting software to *BSD even more challenging. It's uncertain what the future holds, and there may be circumstances where Linux becomes unusable for you (e.g., compatibility issues with your laptop). Having a good alternative that doesn't require relearning everything is generally beneficial.
SystemD-based distributions often come with more than just "systemd-init." They include additional components like logind, resolved, networkd, systemd-timers, etc. However, many people still prefer using the alternatives they were accustomed to before systemd became popular, such as dhcpcd and cron. Consequently, having both sets of tools installed can increase the attack surface.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 4 points 10 months ago (1 children)

You went on a tangent, my point is that larger attack surface does not necessarily equate to more risk. As an example my kernel has controller support even though I have never plugged a controller to it, that grants it a larger attack surface, but does not make it less secure in any significant sense of the word. Therefore just claiming larger attack surface is not a valid criticism on it's own unless you can provide examples of actual security flaws.

[–] [email protected] -3 points 10 months ago* (last edited 10 months ago) (1 children)

There is an example: https://www.agwa.name/blog/post/how_to_crash_systemd_in_one_tweet

[–] [email protected] 8 points 10 months ago (1 children)

If a bug that was fixed over 7 years ago is your best example of security failure in systemd I think that's proof enough that it's safe.

[–] [email protected] -5 points 10 months ago (1 children)

Compare it to vulnerabilities found in SysVinit, which was as common as systemd-init is now. There were no similar bugs, that would allow crashing an entire system just by executing a single command.

[–] [email protected] 10 points 10 months ago (1 children)

There might not have been those kinds of bugs in sysvinit itself but the shitty quality init scripts it encouraged people to write certainly had thousands of security issues.