On Mon, Jul 3, 2017 at 9:26 AM, Philip Hands phil@hands.com wrote:
Might I ask in response: What the hell are you doing not fact checking this before repeating it?
because in the scheme of programs-that-constitute-systemd it really doesn't matter, phil. the slashdot report also includes a link to this second discovered flaw:
https://ma.ttias.be/giving-perspective-systemds-usernames-start-digit-get-ro...
once those have been fixed, there will be more severe bugs discovered. and after those, yet more discovered. it's never going to end... and that's just the security aspect.
the situation before systemd was that we had quotes imperfect quotes disparate programs that were managed by completely different teams. the actual init system(s) that used those programs did not "develop" significantly because... basically they did not *need* actual development.
now we have the most dangerous situation where power is concentrated into the hands of a few *known* irresponsible developers who simply *do not know when to stop*.
i cannot think of anything more dangerous to the entire software libre eco-system than 98% of GNU/Linux distros having abdicated power and responsibility into the hands of lennart pottering and his team.
l.