undefined | Better HN

0 pointsbennyhill2y ago0 comments

> so now security-critical daemons like openssh have additional dependencies like liblzma

Systemd itself seems security-critical to me. Would removing other dependencies on libsystemd really make a secure system where systemd was compromised through its library?

0 comments

agwa2y ago

1. systemd (at least the PID 1 part) does not talk to the network, so a remotely-accessible backdoor would need to be more complex (and thus more likely to be detected) than a backdoor that can be loaded into a listening daemon like openssh.

2. You can run Debian systems without systemd as PID 1, but you're still stuck with libsystemd because so many daemons now link with it.

2 more replies

j / k navigate · click thread line to collapse

0 comments

agwa2y ago

2. You can run Debian systems without systemd as PID 1, but you're still stuck with libsystemd because so many daemons now link with it.

2 more replies

j / k navigate · click thread line to collapse