[sf-lug] A command short enough to be tweeted can bring down systemd
Rick Moen
rick at linuxmafia.com
Sat Oct 8 13:14:55 PDT 2016
Quoting Bobbie Sellers (bliss-sf4ever at dslextreme.com):
> So no big Whoop1
Except that that takedown of critical system infrastructure in that
fashion _should never have been possible at all_. Ability to sabotage
the entire system init as any regular non-root user shows starkly the
nature of systemd's fundamental design problems. And those, unlike
implementation flaws, aren't going to be fixed.
As Ranum puts it:
Richard Feynman's "Personal Observations on the Reliability of the
Space Shuttle"[link] used to be required reading for the software
engineers that I hired. It contains some profound thoughts on
expectation of reliability and how it is achieved in complex systems.
In a nutshell its meaning to programmers is: "Unless your system was
supposed to be hackable then it shouldn't be hackable."
http://www.ranum.com/security/computer_security/editorials/dumb/
More information about the sf-lug
mailing list