Can you explain how it is "likely a new security threat" or is it simply FUD?
Bruce Schneier (in Cryptography Engineering) pointed out that to keep something secure, you need to keep it simple (because exploits hide in complexity). When you have a large, complex, system that does a lot of different things, there's a high chance that there are security flaws. If you go to DefCon, speakers will actually say that one of the things they look for when doing 'security research' is a large, complex interface.
So that's the reason. When you see a large complex system running as root, it means hackers will be root.
In a couple weeks there won't even be a way to get it running on Chrome, if you want to.
Yes I keep getting "the internet is broken and this PDF file is broken" from a couple of people that will not use anything other than Chrome. If it wasn't for all that malware out there taking advantage of shit Adobe and other code having a fallback "dangerous mode" would make sense.
Local privilege escalations on OpenBSD are a tiny fraction (literally... look at the number) compared to Linux, even when you _only_ count kernel exploits.
But they're there. And there are still plenty that haven't been found. So if someone wants root, they can get it.
The only linux server I saw that had been rooted was one where the lazy software developer that ended up looking after it decided to give every email user a full shell, let users have three letter passwords, let it be accessed by ssh from anywhere, put a compiler on it and fucked up the permissions of config files ("chmod a+rwx/etc/*") so that he didn't have to switch to root or sudo to edit them. Luckily about the first thing the script kiddies did with it was portscanned another machine that was under a
This leads to another interesting question: once they do discover a really bad exploit in systemd, how hard is it to patch? Can it be done without restarting the system entirely?
The quick thought is that systemd has a larger surface area for vulnerabilities than su and is therefore more likely to be a vector for attack -- this is almost always the *correct* assumption. The ball is in systemd's court to prove that despite having more code and more complexity, it is not as vulnerable.
The road to ruin is always in good repair, and the travellers pay the
expense of it.
-- Josh Billings
Security (Score:5, Insightful)
Re:Security (Score:3, Interesting)
No offense, but I see lots of attacks like this on systemd. Can you explain how it is "likely a new security threat" or is it simply FUD?
Re:Security (Score:5, Insightful)
Can you explain how it is "likely a new security threat" or is it simply FUD?
Bruce Schneier (in Cryptography Engineering) pointed out that to keep something secure, you need to keep it simple (because exploits hide in complexity). When you have a large, complex, system that does a lot of different things, there's a high chance that there are security flaws. If you go to DefCon, speakers will actually say that one of the things they look for when doing 'security research' is a large, complex interface.
So that's the reason. When you see a large complex system running as root, it means hackers will be root.
Re:Security (Score:4, Insightful)
So that would maybe be the way to destroy systemd: organise a conference of security hackers, and only concentrate on systemd.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Have security vulnerabilities ever 'destroyed' any piece of software?
Java browser applet plugin.
It's largely not used anymore, and major browsers block it by default.
In a couple weeks there won't even be a way to get it running on Chrome, if you want to.
Re: (Score:2)
Re: (Score:2)
Yes I keep getting "the internet is broken and this PDF file is broken" from a couple of people that will not use anything other than Chrome. If it wasn't for all that malware out there taking advantage of shit Adobe and other code having a fallback "dangerous mode" would make sense.
Re: (Score:2)
Local privilege escalations on OpenBSD are a tiny fraction (literally... look at the number) compared to Linux, even when you _only_ count kernel exploits.
But they're there. And there are still plenty that haven't been found. So if someone wants root, they can get it.
Re: (Score:2)
For many years they were running Linux and were regularly rooted.
What on earth were you doing on Linux servers that they were getting regularly rooted? lol That's not a normal scenario.
Re: (Score:2)
Re: (Score:2)
With systemd I'm starting to think that being an idiot once over will be enough as well.
The whole udev thing merging with systemd really astonishes me. I'm not sure how anyone thought that would make sense.
Re: (Score:2)
This leads to another interesting question: once they do discover a really bad exploit in systemd, how hard is it to patch? Can it be done without restarting the system entirely?
Re: (Score:2)
systemctl daemon-reexec
Re: (Score:2)
Re: (Score:2)
The quick thought is that systemd has a larger surface area for vulnerabilities than su and is therefore more likely to be a vector for attack -- this is almost always the *correct* assumption. The ball is in systemd's court to prove that despite having more code and more complexity, it is not as vulnerable.