Linux systemd Affected by Memory Corruption Vulnerabilities, No Patches Yet (bleepingcomputer.com) 306
Major Linux distributions are vulnerable to three bugs in systemd, a Linux initialization system and service manager in widespread use, California-based security company Qualys said late yesterday. From a report: The bugs exist in 'journald' service, tasked with collecting and storing log data, and they can be exploited to obtain root privileges on the target machine or to leak information. No patches exist at the moment. Discovered by researchers at Qualys, the flaws are two memory corruption vulnerabilities (stack buffer overflow - CVE-2018-16864, and allocation of memory without limits - CVE-2018-16865) and one out-of-bounds error (CVE-2018-16866). They were able to obtain local root shell on both x86 and x64 machines by exploiting CVE-2018-16865 and CVE-2018-16866. The exploit worked faster on the x86 platform, achieving its purpose in ten minutes; on x64, though, the exploit took 70 minutes to complete. Qualys is planning on publishing the proof-of-concept exploit code in the near future, but they did provide details on how they were able to take advantage of the flaws.
Thats what you get for running systemd (Score:5, Insightful)
Giant bloated executable where trim purpose built utilities and text should be used.
Re:Thats what you get for running systemd (Score:5, Insightful)
Re:Thats what you get for running systemd (Score:5, Informative)
Spot on. After reading Mike Gancarz book The Unix Philosophy, it changed how I did things. I now don't write captive scripts, keep everything in plain text, and write tools that do only one thing well. Truly an eye-opening book.
Re: (Score:3, Funny)
Re: (Score:3)
Of course many bugs have been found and fixed in them over the decades.
Re:Thats what you get for running systemd (Score:5, Insightful)
Of course there have been bugs. But software with a much smaller and well-defined scope (like only being an init system) tend to have less bugs. Also, software with better design choices and better QA tend to have less bugs.
Also, the dependencies on systemd instead of some independent standard with well-defined interfaces is unfortunate.
Re: (Score:2)
Re: (Score:3)
Knowing the quality of 90% of the init scripts I've had to review, I'd be very surprised if there's any overall security advantage to init+the daemons systemd replaced compared with systemd itself.
You're conflating three different things: service management, init scripts, and the daemons themselves.
Daemon code quality is out of scope. A bug in the program should be fixed or handled upstream (unless you're a 2019 dev where no one fixes anything because they don't care if it crashes as long as someone spins up another one).
Init script quality varies *heavily* by distro/ecosystem. Debian/Ubuntu scripts, in my experience, are hot messes. Scripts written to be completely distro agnostic are usually pretty
Re: (Score:2)
The init scripts are largely irrelevant since they do their job and then go away.
As for the daemons, they are their own scope under a sane init system.
Re: (Score:2)
Isn't that a bit like a serial killer trying to excuse himself by claiming all of his victims were jaywalkers?
Systemd: Conflict of interest? (Score:2, Interesting)
SystemD causes a lot of problems. That makes more money for people who work for companies that do Linux technology support.
Is that a giant conflict of interest? Was SystemD allowed by management of Red Hat because it would make more money?
Mark Shuttleworth said, "Losing graciously" [markshuttleworth.com]. (Feb. 14, 2014} "It will no doubt take time to achieve the stability and coverage that we enjoy today..."
Re: Systemd: Conflict of interest? (Score:4, Insightful)
the one thing I learned at the place I work is that people and businesses are not rewarded for perfect code -- trouble-free code results in the project being thought of as small and not valuable -- if you want money, you need to build complex and buggy code - systemd supporters are no dummies and know what it takes to earn more money
Re: (Score:3)
Its systemd, not SystemD.
Have you ever looked at some bash startup scripts? Its difficult to analyse compared to the declarative style. Bash scripts are a much more serious support issue compared to the simplicity of systemd declarative unit files. I've not had any problem with systemd, and not that is worse than what we had with sysv init.
Also, ubuntu had systemd -like init with Upstart for many years, systemd just standardized so we dont have to learn another init system for every other distro.
I really
"Alexa, start Apache". Smple input to complex code (Score:5, Insightful)
Even simpler than a systemd declaration is saying "Alexa, start Apache".
That doesn't mean that Alexa's AI code is simpler than a 20-line bash script. You're comparing the *input* to the systemd code, a config file, vs the actual code that does things in SysVinit.
In sys V, the shell script starts the daemon, it *is* the code. If anything is wrong or you want to change anything, you can look through the shell script and change things. In systemd, the declaration is handed to a binary that does who-knows-what.
Re: (Score:3)
I don't mind that services have a simple config declaration, with mostly standard start / stop handling. But it would be better to start with some form of "#!/..." so the config file can be used as a script that launches a generic service handler from a traditional init system.
But that's not the only part of the OS that systemd is trying to replace...
Re:Systemd: Conflict of interest? (Score:4, Informative)
Have you ever looked at some bash startup scripts? Its difficult to analyse compared to the declarative style. Bash scripts are a much more serious support issue compared to the simplicity of systemd declarative unit files.
Shell, and scripting generally in shell languages, is a key component of all *nix systems. Yes, it's possible to write horrible shell code in an init script, but that's largely the fault of the *author*. Most init scripts are simple; except for whatever custom logic is needed uniquely for this daemon, the rest is boilerplate.
I'd submit that if you can't understand this code, you're not ready to operate or administer a *nix system at the command line or service management debugging level.
https://fedoraproject.org/wiki/EPEL:SysVInitScripts#Initscript_template [fedoraproject.org]
Re: (Score:3)
I've had precisely one problem with an init script, ever. It was that long ago I found the solution in an actual paper book.
Every systemd based distro I've even tried has given me problems of some kind.
Re: (Score:3)
Re:Thats what you get for running systemd (Score:5, Insightful)
The developers weren't thinking about hostile input when they were writing code, and didn't test corner cases. It worked for them!
The developers were not thinking, period.
Re:Thats what you get for running systemd (Score:5, Funny)
The developers weren't thinking about hostile input when they were writing code
You'd think, by this point in time, Poettering would be very familiar with hostile input - heck, just look at most of the systemd discussions here on Slashdot!
Re: (Score:2, Interesting)
This is false, systemd is decentralized into 40 independent executables.
The basic concept of systemd makes sense, you start a list of services first and once that is complete you move onto a seperate list of services . You have unit filed which indicate after target they are a part and which one they depend on. The unit files are simple and easy to understand. An implementation quality issue is a seperate issue from the basic design pattern, the design pattern is a sound concept
You can still use SysV type i
Re:Thats what you get for running systemd (Score:4, Funny)
Re:Thats what you get for running systemd (Score:5, Funny)
You have unit filed which indicate after target they are a part
Well, that made about as much sense as I'd expect from a defense of systemd.
Re: (Score:2)
Xzibit here - can one of the services in the list of services start a list of services?
Re: (Score:3)
And if I want to replace one of those 40 independent executables with my own, I just do so, right? The documentation clearly describes their input and output, so that they truly ARE independent?
No?
Then how are they independent? They are a big mass with interdependent states.
And there are no discernible pros to binary logs. Something like ripgrep will search very quickly through text logs. And there is no advantage to storing binary data in a database over storing text data in a database. The opposite is tru
Re: (Score:2, Funny)
Can someone help me out and explain to me exactly what problem systemd solves?
Red Hat did not have sufficient control over the Linux ecosystem. systemd is effectively addressing that problem.
Pure Poettering inspired incompetence (Score:5, Insightful)
Looking at the code, all three of these bugs are inexcusable. The systemd devs really are incompetent.
Re:Pure Poettering inspired incompetence (Score:5, Insightful)
They didn't just copy Microsoft's init system and service manager, they copied Microsoft's attitude towards security and code quality.
Re: (Score:3, Insightful)
And this is the actual reason why people don't like systemd. It's quality is bad and when it crashes the kernel panics.
Re:Pure Poettering inspired incompetence (Score:5, Funny)
And this is the actual reason why people don't like systemd. It's quality is bad and when it crashes the kernel panics.
We all panic.
Re: (Score:2)
Yeah, but when the colonel panics, it's bad for the whole regiment.
Re: (Score:2)
Re: (Score:2)
These bugs are mindbogglingly stupid. Damn, I'm glad my systems are systemd free.
Re:Pure Poettering inspired incompetence (Score:4, Insightful)
Absurd comments like this highlight why Red Hat and all major distros no longer care about enthusiasts. They do something ridiculous (adopt systemd, break 40 years of Unix conventions, creating a tightly coupled architecture) and your first instinct is to start whining about Microsoft.
Re:Pure Poettering inspired incompetence (Score:4, Interesting)
Systemd is a straight-up copy of the way Windows does things. That to you is "whining about Microsoft"? Making Linux more like Windows is exactly what no one was asking for.
Re: (Score:2)
Systemd is a straight-up copy of the way Windows does things.
I dunno... it seems to me that systemd is more of a wannabe clone of Apple's launchd that came about because Apple wouldn't offer launchd under the GPL.
Re: (Score:3)
Re:Pure Poettering inspired incompetence (Score:4, Funny)
Poorly knocking off an apple product?
How much more microsoftish can you get?
hawk
Re: (Score:2)
Re: (Score:3)
Re: (Score:3)
Details here: (Score:5, Informative)
Delicious irony (Score:3)
That is the more polite version of "you incompetent chumps make our searches easy and worthwhile. And we listened to a lot of System of a Dawn."
This is non-news (Score:5, Interesting)
for me... I switched to Devuan a few months ago.
Yes, I know there are plenty of bugs and vulnerabilities to go around, but based on the frustrations that systemd caused me, I think I am afforded a bit of schadenfreude.
Re: (Score:2)
Devuan for sure! Interestingly, MX Linux (steadily climbing up DistroWatch's page hit rankings to #2 at present) allows installation without systemd, but I don't know whether MX has gone to the extent of Devuan in actually ripping it out or just working around it.
Shock! Surprise! Dismay! WTF did you expect? (Score:5, Interesting)
Re: (Score:2)
One of the things that does not make sense about your position is you can use sysv init with systemd, also systemd can generate your text based log files for you. Considering these two facts, systemd can work like how you want it to work. You seem to be more opposed to *other people* using it in ways you do not think they should be allowed to use it. So who is the tyrant?
Re: (Score:3)
CrapD strikes again (Score:2)
Fortunately, I run Linux, not Poetterix and are nicely unaffected.
At Devuan, we knew this was going down (Score:2)
C programming language strikes again (Score:3)
Two of the bugs only possible in with unsafe referencing/allocation ... par for the course.
Re: (Score:3)
Re: (Score:2)
A basic static code analyser spits out so many false positives on a codebase this size you'd have rewritten half of it by the time you convinced yourself they were all meaningless (and missed the few important ones in the sea of noise).
Re: (Score:2)
Re: (Score:2)
It has benefited, but it can't prevent the same shit happening again and again.
Static code analysis just tries to find ways we found in the past to fuck up with pointers, buffer overflows and use after frees (among other things). There's an infinite way to fuck up with them though and their pattern matching is no match for our creativity at fucking up.
Re: (Score:2)
Re: (Score:2)
Once again: Slackware NOT affected. (Score:3)
Slackware ships with a simple, effective BSD-style init populated by simple and readable shell scripts. Its BDFL, Patrick Volkerding, made the decision to purposely avoid systemd like the plague and I think he is right.
Install Slackware, and many sysadmin's worries will go away.
Re:Once again: Slackware NOT affected. (Score:5, Informative)
Slackware ships with a simple, effective BSD-style init populated by simple and readable shell scripts. [....] Install Slackware, and many sysadmin's worries will go away.
You are missing the forest for the trees. What you really want isnt a "BSD-style init", what you really want is BSD.
Linux isnt unix, so dont expect it to maintain the unix philosophy. BSD is unix.
Fun fact: Been true forever
Re: (Score:2)
Linux isnt unix, so dont expect it to maintain the unix philosophy. BSD is unix.
As the old saying goes:
BSD is what you get when a bunch of UNIX hackers sit down to try to port a UNIX system to the PC. Linux is what you get when a bunch of PC hackers sit down and try to write a UNIX system for the PC.
So that said, I'll stick to my Slackware installs thank you..
Re: (Score:2)
As someone said, I think there's quite a baby with the bathwater you propose to throw.
Re: (Score:2)
Re: (Score:2)
Slackware - being the oldest distro out there still alive - is as close as standard UNIX as you can come in Linux world.
Re: (Score:2)
Slack was my 1st linux distro, and I'm a long time admirer of it. But nowadays I use devuan, a systemd free fork of debian. There's also PClinuxOS that is systemd free. For me, the acid test is whether I can use me-tv to watch and record ATSC broadcast TV. Back in the pre-systemd days I could not get me-tv to work on ubuntu but I could get it to work on mint (something to do with the gui libraries). I really liked PCLinuxOS but, last time I tried, I couldn't get me-tv to work on it either, same proble
Hang on (Score:3)
why not make a new init system? (Score:2)
Can this be the straw (Score:3)
...that broke the camel's back? FINALLY? PLEASE?????
Can the idiotic pro-systemd folks finally admit they were wrong, abandon the whole misguided concept, and start the process of moving back to unix philosophies and architecture? The world dropped xfree86 fast as a hat, pretty much spun on a dime and moved to X.org.... let that happen w/ systemd as well.
Or, better yet, just shift support en masse behind FreeBSD and get the hardware and desktop environment and app support back up there like it used to be. Honestly, that'd be the better path and the end result so much better.
Probably too much to hope for...
the unix philosophy (Score:3, Interesting)
I come not to praise systemd, and certainly not to praise Poettering or RedHat...
But these anti-systemd rants would be more impressive if you guys had showed any signs of thinking through what you're saying about The Unix Way and all that jazz.
Yes, sometimes decentralized, small encapsulated components are a win, but sometimes monolithic designs where the pieces can talk to each other easily are a win-- You might notice that when Linus Torvalds was asked about this he made some rather mild comments about how some aspects of linux, like the graphic display environment has always been more monolithic.
Arguably, the initial reason perl was a big deal is it took a bunch of features from the shell programming world and stuck them all inside of one process-- you can do lash-ups of shell, awk, sed and so on, or you can just write a perl script and pretty frequently the perl script is really and truly a better option.
And take a look at some of the classic shell utilities some time. Look at the docs for things like "find", "tar", etc... do they really look to you like something that's designed to just do "one thing"?
You guys who keep intoning "the unix philosophy" over-and-over might want to stop and think about the way things really get done with unix.
But then, none of this is a defense of systemd, or the way systemd was put over...
Re: (Score:3, Insightful)
Perl is a language. It doesn't do anything on it's own. Executing on the language is the "do one" thing and a completely open interface.
find, well, finds things. I don't think finding /only/ "one" kind of thing and doing that "well" would make any sense. The "find" is the thing it does. That makes sense. Are you suggesting 'find' means something different?
tar as we know is Tape ARchive. It's a backup tool. Wait, what you don't want to use it to backup things? ... what would make it not go saving off things?
How to fix this (Score:2)
Are the deep parts of an OS you are using still supportive of that philosophy?
If not consider changing to a better quality OS.
Re: And Jane face it it's been a while (Score:3, Interesting)
new things are great! alternatives are wonderful! systemd is just awful.
Re: (Score:2)
^ this
Re: (Score:3, Interesting)
New isn't always equivalent to better, and my biggest objection to systemd is the fact that it's gone way past an init system. It has way too large a scope for what it was supposed to be and a core team that doesn't have the skill to keep up with that scope.
Mr. "My-printer-is-not-a-file" should probably go back to working on Pulse.
Re:And Jane face it it's been a while (Score:4, Interesting)
Re:And Jane face it it's been a while (Score:5, Insightful)
It's less about resisting change and more about resisting stupid.
The problem with systemd is that its design is wholly antithetical to the Unix philosophy. It is nothing less than a tragedy for Linux that something like it has become so tightly integrated into as many distros as it has.
Re: (Score:2)
Sure... and guess what?
It's not.
Re:And Jane face it it's been a while (Score:5, Informative)
Probably a good chunk.
That said, init and upstart solved problems in a fairly small domain: starting daemons in dependency order. SMF, launchd, and a few others did the same thing. They sucked to learn, but they gave us parallel startup, services that could start in response to events (logins, socket connects, etc.) and that was worth some relearning.
Things that systemd has embraced into its scope that SMD and launchd did not include:
Thanks to RedHat's backing, the systemd developers have a bully pulpit to force policy on Linux users everywhere. Like when nohup stopped working by default [slashdot.org]. The usual rationale from Poettering and company are that things are "broken" or "nobody needs that."
Right now, on my Debian box, in ~root/ is a script called thanks-systemd.sh. It mostly boils down to: cd /dev ; for i in dm-? ; do ln -s ../$i mapper/$(cat /sys/devices/virtual/block/${i}/dm/name); done
Because for about two weeks my system stopped autobooting due to some churn between LVM2 and systemd. LVM2's worked nigh-flawlessly for 20 years, and its semantics haven't changed.
It's one thing to change a clunky misfeature (init scripts) in some jarring way to make them better. It's quite another to take over most aspects of systems management, do them differently "just because," and break random things because of scope creep.
Re:And Jane face it it's been a while (Score:4, Insightful)
I heartily recommend Devuan.
Re:And Jane face it it's been a while (Score:5, Informative)
Yet I can't help wondering how much of it is really just people who resist change because they don't want to learn something new. The init/upstart process was easy enough to understand but clinky and as full of problems as systemd really. Except, of course of the most common use cases where it had been worked out.
Gonna call citation needed on that, especially if you're combining them as "init/upstart".
upstart, when primarily running as a traditional SysV init (meaning handle initial setup procedureally, then execute an rc script which executes a series of rc#.d/ scripts, which is how upstart was used in RHEL6, for example, was neither "clinky" nor "as full of problems as systemd".
A primary reason so many people have problems with systemd is that it intermingles the complexity along its entire axis of execution instead of isolating it in a discrete manner. Any time you have event-based management you have the potential for intermittent problems, race condition security issues, memory bugs, etc.
In previous init systems, persistent management or event mechanisms hung *OFF* the init path and only affected their own children or the services under their control if something went wrong. (This goes for all service managers: inet, xinetd, supervise, whatever.) Meanwhile, the init path is controlled by one-time scripts and as minimal an event mechanism in PID1 as possible.
Now, all that complexity happens as PID1, or communicates back to PID1, or relies on IPC between the two that is not particularly tight and isolated. Waaaaay more potential for chaos results here, which is why these types of holes are more and more likely to occur.
Re: (Score:2)
A primary reason so many people have problems with systemd is that it intermingles the complexity along its entire axis of execution instead of isolating it in a discrete manner.
Mmmmmmmm what a beautiful sentence.
Re:And Jane face it it's been a while (Score:5, Insightful)
"The init/upstart process was easy enough to understand but clinky and as full of problems as systemd really."
No, it really wasn't. You are confusing user error with the actual utilities which were rock solid. There was some functionality missing but alternatives existed, they largely weren't widely adopted because that functionality just didn't offer enough benefit to be worth it.
The problem with systemd is that it was a solution that was built and broke all *nix design philosophy. Every layer of complexity added to a framework adds an order of magnitude of probability for error and trades flexibility for tight integration. If a bug does come up it will be fixed almost immediately with small and efficient utilities because you aren't debugging a complex behemoth you are debugging a tiny and simple application.
Re:And Jane face it it's been a while (Score:5, Insightful)
Re: (Score:2)
That's even more frustrating after you waste a bunch of time debugging then when you resort to starting the service at the commandline, it shows a clear error message.
Re: (Score:2, Insightful)
I haven't seen a systemd thread for quite some time around here I guess we're due.
Some of the rants and raves are actually pretty good.
Yet I can't help wondering how much of it is really just people who resist change because they don't want to learn something new. The init/upstart process was easy enough to understand but clinky and as full of problems as systemd really. Except, of course of the most common use cases where it had been worked out.
As for these bugs they don't seem to be making much of an industry problem.
How much of systemd is due to people who don't want to learn something old? It's always more fun to design from scratch than to actually understand the reason why it was done that way.
Re: (Score:3)
Personally, I refused systemd after learning it. So there's that too.
Re: (Score:3)
Most people have either become resigned to systemd, or switched to something that doesn't use it. So one would expect the threads to decrease. I also haven't heard anyone say they liked it recently. (And I still don't. But I haven't switched yet because doing so would be a major inconvenience. But when I set up my next system, I probably will avoid systems that use systemd. So far I haven't seen *ANY* benefits, and I've experienced, and continue experiencing, many small irritations. I'm definitely co
I know you are trolling... but change can be great (Score:5, Insightful)
I was a RedHat user back on v5.1. I tried to upgrade my system, and it was awfully painful. But I stuck with RedHat. Then I upgraded again. And again. Every time it got a little less painful, but it still sucked. Then I decided to try out another distro. Mandrake. It was nice, and I liked KDE! I upgraded a couple of times, and it wasn't too bad. So change was good. After a few more upgrades, it still wasn't that smooth. I decided to try out Ubuntu, and I really liked it. Since I was liking KDE I switched to Kubuntu. Change was good! I upgraded a couple of times - near flawless! Change was great! Then KDE started to really annoy me - too much flash, and eventually a bug cropped up that caused me all kinds of headaches. So I switched to Xubuntu. XFCE was great, and change was good! I upgraded that system several times, and it was very smooth. After 7 upgrades, things were getting less stable. Since i was going to reinstall anyway, i looked at other distros.... ah, Linux Mint. Polished, but with XFCE not overly so. I had found my distro, change was great! The method of upgrading was to reinstall cleanly, so I made sure to set up my new system so that was minimally painful. Then I was able to upgrade in place - painlessly! All was right.
Then after one upgrade, I noticed that my machine started having various issues. I couldn't shutdown cleanly. I would take minutes to shutdown, where it used to take seconds. I thought it was hardware at first, but it wasn't. It was systemd. I hadn't noticed before upgrading that they were switching to systemd. I had begun to trust Mint so much that I just thought it would be smooth. I learned more and more about systemd, and tried to fix the issue. No deal. So I gritted my teeth and dealt with it. Change can be bad. Eventually I got a different computer, and then I had complete confirmation that my issues weren't hardware related because they persisted. It was time to find a new distro.
It wasn't an easy search, because by this time systemd had kind of taken over. Mint only went to it because it's a downstream of Ubuntu. Clem (maintainer of Mint) confirmed this to me, that it wasn't his choice at all and it was just the easiest route to take.
I looked at the BSDs, Arch, Slack, and a few others. But because I was familiar with and really liked the apt package manager, I chose Devuan. It was not only a great distro, but I know that it is specifically focused on NOT implementing systemd. It was a simple install and upgrade, and my system is fast as ever and shuts down within seconds again. So again... change is great!
Re: (Score:2, Interesting)
There is some truth to this. Linux is just a kernel, but there are myriad userland programs, toolchains, and other ancillary software bits that make up a GNU/Linux system. Linux (full system/any distro) is so balkanized. Companies like Red Hat employ the programmers who write stuff like systemd/pulseaudio, etc., so they automatically steer the direction every other distro must go in. I was shocked when Debian adopted systemd, and now more and more software has to have it as a REQUIREMENT. This is one reason
Re: (Score:3)
"niche operating system"
The 90's called and want this argument back.
Re: (Score:2)
While that enhanced the security, that wasn't the basis of it. Simple reliable design that could be reasonably debugged was the basis. Also code that large numbers of people could read and understand. (No, not everybody. And I never bothered to learn to. But large numbers.) This, of course, requires that the code be relatively simple. Which means modular, with limited externalities.
Systemd is a massive failure in ever one of these respects, and I suspect intentionally so. I don't mean I'm certain.
Re: (Score:3)
It's been at least a couple decades. Today, Linux is more widely used than literally anything else.
Re: (Score:2)
There were many intermediate exploits. But they were relatively easy to fix, and fixed relatively quickly. As the software groups have gotten larger, this has become less and less true.
The complaints about "SJW drones", "codes of conduct", etc. aren't totally without merit, but their validity has more to do with the fact that they only become relevant in larger projects. But larger projects *need* more oversight and administration. (Also, larger projects tend to exclude the kind of people most likely to
Re: (Score:2)
I have this fantasy where we lock the SJWs and ASJWs in a room together, and let them fight it out for eternity amongst themselves. Kind of like the end of that bad Star Trek episode.
Now do you think you could go away and stop bring up the same point over-and-over in this ground-breaking discussion of systemd?
(Yes, I know. "Let That Be Your Last Battlefield". Third season, of course.)
Re: (Score:2)
Where is the responsible RTFA? (Score:3)
https://www.qualys.com/2019/01... [qualys.com] :
2018-11-26: Advisory sent to Red Hat Product Security (as recommended by
https://github.com/systemd/sys... [github.com]).
2018-12-26: Advisory and patches sent to linux-distros@openwall.
2019-01-09: Coordinated Release Date (6:00 PM UTC).
Re: (Score:2)
Meanwhile, just two articles earlier on the same exact page you just posted to: "Windows 7 Users Who Installed January Update Report Network Issues; Some Say the Update Has Also Incorrectly Flagged Their OS License as 'Not Genuine'" [slashdot.org]
Re: (Score:2)
Does this need local access? Or just remote access?
Re: (Score:2)
To the commenters informing me that Linux is a multi-user system I'm not sure what your point is. If this bug needs an attacker to be standing in front of the machine, typing at the keyboard, you're a bit screwed regardless.
Re: (Score:2)
Linux is a multi-user system from the ground and up.
Re: (Score:3)
someone has local access to your machine, you're doing it wrong anyway.
Linux is a multi-user operating system. It's designed explicitly to support multiple users concurrently with limited privileges.