Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Debian Bug Open Source

Systemd Named 'Lamest Vendor' At Pwnie Security Awards (theregister.co.uk) 436

Long-time Slashdot reader darkpixel2k shares a highlight from the Black Hat USA security conference. The Register reports: The annual Pwnie Awards for serious security screw-ups saw hardly anyone collecting their prize at this year's ceremony in Las Vegas... The gongs are divided into categories, and nominations in each section are voted on by the hacker community... The award for best server-side bug went to the NSA's Equation Group, whose Windows SMB exploits were stolen and leaked online this year by the Shadow Brokers...

And finally, the lamest vendor response award went to Systemd supremo Lennart Poettering for his controversial, and perhaps questionable, handling of the following bugs in everyone's favorite init replacement: 5998, 6225, 6214, 5144, and 6237... "Where you are dereferencing null pointers, or writing out of bounds, or not supporting fully qualified domain names, or giving root privileges to any user whose name begins with a number, there's no chance that the CVE number will referenced in either the change log or the commit message," reads the Pwnie nomination for Systemd, referring to the open-source project's allergy to assigning CVE numbers. "But CVEs aren't really our currency any more, and only the lamest of vendors gets a Pwnie!"

CSO has more coverage -- and presumably there will eventually be an official announcement up at Pwnies.com.
This discussion has been archived. No new comments can be posted.

Systemd Named 'Lamest Vendor' At Pwnie Security Awards

Comments Filter:
  • by NoNonAlphaCharsHere ( 2201864 ) on Saturday July 29, 2017 @01:39PM (#54904671)
    Marked NOTLAME, WONTACCEPT, closed.

    Also, lameness filter.
  • Misleading title (Score:4, Informative)

    by markdavis ( 642305 ) on Saturday July 29, 2017 @02:03PM (#54904789)

    >"Systemd Named 'Lamest Vendor' At Pwnie Security Awards"

    I have no great love of Systemd, but that headline is misleading. The award was the "lamest vendor RESPONSE." But, you know, it is all the rage to have intentionally misleading headlines to grab even more attention than deserved.

    • by Tyler Whitlock ( 4168739 ) on Saturday July 29, 2017 @02:15PM (#54904843)
      To be honest, not much of a difference in this case. When someone epically falls on multiple accounts with their response to horrendous bugs, I'd consider them to be the 'lamest vendor' Your post is overrated in that you're distinguish between something that has very little difference in this case.
  • No words. (Score:5, Insightful)

    by 0100010001010011 ( 652467 ) on Saturday July 29, 2017 @02:06PM (#54904805)

    You have got to be fucking kidding me: systemd can't handle the process previlege that belongs to user name startswith number, such as 0day #6237 [github.com]

    And what's worse is Pottering's complete lack of UNIX awareness.

    Yes, as you found out "0day" is not a valid username. I wonder which tool permitted you to create it in the first place. Note that not permitting numeric first characters is done on purpose: to avoid ambiguities between numeric UID and textual user names.

    Somehow FreeBSD doesn't have an issue:

    [root@freenas2 ~]# adduser
    Username: 0day
    Full name: 0 Day
    Uid (Leave empty for default):
    Login group [0day]:
    Login group is 0day. Invite 0day into other groups? []:
    Login class [default]:
    Shell (sh csh tcsh bash rbash git-shell netcli.sh ksh93 mksh zsh rzsh scponly nologin) [sh]: bash
    Home directory [/home/0day]:
    Home directory permissions (Leave empty for default):
    Use password-based authentication? [yes]: no
    Lock out the account after creation? [no]: no
    Username : 0day
    Password :
    Full Name : 0 Day
    Uid : 8001
    Class :
    Groups : 0day
    Home : /home/0day
    Home Mode :
    Shell : /usr/local/bin/bash
    Locked : no
    OK? (yes/no): yes
    adduser: INFO: Successfully added (0day) to the user database.
    Add another user? (yes/no): no
    Goodbye!
    [root@freenas2 ~]# su - 0day
    [0day@freenas2 ~]$ id 0day
    uid=8001(0day) gid=8001(0day) groups=8001(0day)

    His failure to understand POSIX has shown up in the past as well: tmpfiles: R! /dir/.* destroys root #5644 [github.com] with Pottering's amazing comment of:

    I am not sure I'd consider this much of a problem. Yeah, it's a UNIX pitfall, but "rm -rf /foo/.*" will work the exact same way, no?

    It's not like you couldn't take 5 seconds to test that:

    root@m6700:~# mkdir /foo
    root@m6700:~# touch /foo/.test
    root@m6700:~# mkdir /foo/.test2
    root@m6700:~# ls -lah /foo/
    total 12K
    drwxr-xr-x 3 root root 4.0K Jul 29 14:04 .
    drwxr-xr-x 25 root root 4.0K Jul 29 14:04 ..
    -rw-r--r-- 1 root root 0 Jul 29 14:04 .test
    drwxr-xr-x 2 root root 4.0K Jul 29 14:04 .test2
    root@m6700:~# rm -rf /foo/.*
    rm: refusing to remove '.' or '..' directory: skipping '/foo/.'
    rm: refusing to remove '.' or '..' directory: skipping '/foo/..'
    root@m6700:~# ls -lah /foo/
    total 8.0K
    drwxr-xr-x 2 root root 4.0K Jul 29 14:04 .
    drwxr-xr-x 25 root root 4.0K Jul 29 14:04 ..

    • Re:No words. (Score:5, Insightful)

      by Anonymous Coward on Saturday July 29, 2017 @02:20PM (#54904877)

      It is almost as if the concept of "be conservative in what you do, be liberal in what you accept" is useful in graceful handling of errors. I mean, not as if someone said it in the past who had any importance.

      • Well, Systemd did exactly that, which is the problem. It kept the part of the input which was valid(The 0, thus running with pid=0) and then ignored the rest of the invalid input.

        "be liberal in what you accept" is a horrible concept, because it makes it impossible to ever have a standard, without breaking half of the current uses, because they then depend on undocumented implementation specific error handling which is impossible to implement for others.

        Just look at ns4 and internet explorer 5/6. Because the

        • by TCM ( 130219 )

          You completely misunderstand what "be liberal in what you accept" means.

          It doesn't mean to take any input and cherrypick single bits that you understand and ignore the rest. You rather try to parse inputs liberally, while making sure it's unambiguous in its meaning. For example, when parsing a config file, there could be more whitespace than necessary. As long as you find valid keywords in that extra whitespace, you're good to parse it liberally. When writing a config file, however, you're supposed to trim

    • From one BSD neckbeard to another; well played sir

    • From the github link for the deletion problem:

      poettering locked and limited conversation to collaborators on Apr 17

      Hahahaha

    • I just created a random binary digit user on my Mac. Starting with a 0 ... no problem.
      AFAIK user names only need to be type able on a keyboard ...

    • "rm -rf /foo/.*"
      "rm: refusing to remove '.' or '..' directory: skipping '/foo/.'"

      Unfortunately if you pass .* to 'chmod -R', and run it as root, it will walk up the directory tree and mangle all the system directories. not the behavior I was expecting :)
  • by Anonymous Coward on Saturday July 29, 2017 @02:06PM (#54904809)

    How can Debian's developers justify using systemd, considering all of these unbelievably unjustifiable problems with it? Why have they subjected Debian and its users to these flaws? Is it really just a result of the best Debian users having long ago moved to FreeBSD, leaving around only users who don't know any better?

    • by Anonymous Coward on Saturday July 29, 2017 @02:24PM (#54904891)

      It was shoved down Debian's throat by the technical committee in a first ever usurp of power from the developers to the committee. There was not consensus on this change at all.

      • by Anonymous Coward on Saturday July 29, 2017 @02:32PM (#54904939)

        Not only that but the vote for Systemd in Debian was a 2-2 tie and had to be overruled. Hardly a "everyone wanted Systemd" that a lot of the pro-systemd people like to suggest.

      • Re: (Score:2, Informative)

        by Anonymous Coward

        I think that there was no consensus is what caused the technical committee to get involved. Many people were advocating for a next generation init system to replace SysV. Clearly forcing maintainers personally support all possible init systems would be worse.

        The decisions that came down from the technical commitee made systemd the default init (#727708) and required that maintainers at least accept contributions for other init systems (#746715). The outcome provided for another popular system init to be

    • My understanding was there was a vote and some asshole had to break the tie in favor of systemd.

      • Your understanding is basic.

        By simple majority systemd had double the number of votes than upstart and further discussions and was a clear winner.
        No one preferred keeping sysvinit, and everyone preferred openRC over sysvinit. However they didn't go by simple majority but rather by pairwise defeats. After pairwise defeats the only remaining options were systemd vs upstart. The "asshole" you're referring to was the chairman of the technical committee who preferred systemd in favour of upstart.

        Of course system

    • Re: (Score:2, Insightful)

      by rainer_d ( 115765 )

      Not using systemd would have made them irrelevant.

      Not that this isn't going to happen anyway, as RedHat absorbs more and more of the Linux-world and it will be increasingly difficult to do anything on Linux "un-RedHat-edly" in the coming years.

      As such it has to be seen how much of a differentiation-factor an installer and some default-settings are - together with the complete lack of any kind of enterprise-features that RedHat offers. Because that's what I think Debian et.al are going to end-up being. Becau

    • by dbIII ( 701233 )
      Because they want the new gnome and it's tied into systemd.
    • I wonder if systemd, pulseaudio etc are trojan horses inserted into the Linux ecosystem for nothing else but screwing things up - they work, sort of, but not very well.. they are irritating enough to significantly reduce the adoption of Linux and also to slow down the overall development of the Linux ecosystem by focusing attention on problems which could have been easily avoided. There there is of course these security vulnerabilities which open up in the strangest of places.

      Of course, I have no evidence f

      • by gweihir ( 88907 )

        I believe that is the case, but Poettering is not clued in. It seems likely that Linux became too hard to hack into, so something needed to be done. Putting a known incompetent with a huge ego and no understanding of security in charge of a critical central system component is just the ticket to do that. And it will not look like a sabotage attack either, because said incompetent will screw up security all by himself, whit zero understanding of how he is being used.

        The nature of the campaign that systemd wa

  • When does the hurting stop.
  • by Kokuyo ( 549451 ) on Saturday July 29, 2017 @03:07PM (#54905103) Journal

    I've been considering switching from Ubuntu to something without Systemd. But what would that be? Slackware is a bit hardcore and frankly, I'm really scared I won't get my server functional ever again if I start from scratch...

    • by Kokuyo ( 549451 )

      And no, I'm not gonna do another LFS. The last time, many moons ago, I got it running but with so many error messages I couldn't truly deal with, I think I've got enouth PTSD to tell my grandkids I would have preferred a good war :D.

      • by epyT-R ( 613989 )

        slack, gentoo, devuan are options..

    • by sconeu ( 64226 ) on Saturday July 29, 2017 @03:31PM (#54905203) Homepage Journal

      What about Devuan?

    • I tried Devuan, but too early, maybe, because I found the beta I tried to be barely functional. It might be better now. In the end, I landed on Manjaro OpenRC.
    • Slackware used to be close to BSD and most other Linux distros are close to System V and the modern mix of BSD/System V.
      If you really want to switch, why not to Open BSD?

      • by Kokuyo ( 549451 )

        I guess that would be an idea considdering my zfs storage. I was just of the impression that hardware support was even worse than Linux. Is that not so?

        • by Kokuyo ( 549451 )

          I should probably also mention that I plan GPU passthrough to a windows vm on this server (Threadripper based).

          It's gonna be quite a challenge as it is and I've never worked with a BSD...

      • OpenBSd has hardly any drivers and is not that user friendly. FreeBSD is better as it has up to date drivers, ZFS, dtrace, jails, and is more supported.

    • FreeBSD is quite popular. Issue is well it is hardcore :-)

      But FreeBSD is conservative and known to be quite stable for server builds. What I love about FreeBSD is I find the FreeBSD handbook and manpages quite superior to Linux.

      Linux is abunch of things glued together and grown. FreeBSD is designed and feels like a complete OS. The tools are BSD based, Documentation is BSD based, even the sample scripts, and then of course the kernel etc. The ports in /usr/ports also pull from the sources and apply FreeBSD

    • I've been trying to learn how to do things The BSD Way. Considering freebsd since Linode support it to some degree for their VPSes...

  • Never have I read anything positive about systemd.
    and what I've read about it's design is extremely non-unixy.

    so why did any of the distributions pick it up ?

  • by khz6955 ( 4502517 ) on Saturday July 29, 2017 @05:22PM (#54905721)
    Systemd dies if there is no cgroup support in the kernel.

    Poettering: "To make this work we’d need a patch, as nobody of us tests this"

    R! /dir/.* destroys root.

    Poettering: "I am not sure I'd consider this much of a problem. Yeah, it's a UNIX pitfall, but "rm -rf /foo/.*" will work the exact same way, no?"

    Processes owned by a user with a leading zero in the name are started with root privilege..

    Pottering: "I don't think there's anything to fix in systemd here"

    Systemd kill background processes after user logs out.

    Poettering: "In my view it was actually quite strange of UNIX that it by default let arbitrary user code stay around unrestricted after logout."

    'I have an issue with journal corruptions and need to know what is the accepted way to deal with them.'

    Poettering: "Yupp, journal corruptions result in rotation, and when reading we try to make the best of it. they are nothing we really need to fix hence."

    'Poettering locked and limited conversation to collaborators on 17 Apr'
    • by xbytor ( 215790 )

      > "In my view it was actually quite strange of UNIX that it by default let arbitrary user code stay around unrestricted after logout."

      Wow. Really, just wow. I am so happy I don't have to use Debian or any of those other systemd distros.

Children begin by loving their parents. After a time they judge them. Rarely, if ever, do they forgive them. - Oscar Wilde

Working...