
Quoting Russell Coker (russell@coker.com.au):

[a great deal of energetically missing the point, snipped]

> The Linux kernel is much larger than systemd and has many more interfaces to sources of hostile data.

The security problem primarily raised by systemd has very little to do with the init or its ancillary and unnecessary daemons (hostnamed, timedated, localed, logind, etc.) and utilities and a great deal more to do with its ridiculously bloated _external_ dependencies, e.g., routing all process privilege decisions through PolKit, one of the several badly engineered, ever-changing[1] bits of Freedesktop.org codebases to which systemd ties your system operation -- pointlessly and unnecessarily, as the creator of the uselessd fork (abstracted, cleaned up, and properly modularised from systemd 208) pointed out by example.

The feature creep and intrusive functionality of systemd itself is annoying and a sufficient reason to look elsewhere, but is not security related as such.

Anyway, with reasonable luck, it'll have about as long an ascendency as HALd and devfsd, as it's certainly about as popular.

[1] http://www.jwz.org/doc/cadt.html

-- 
Cheers,              "I don't need to test my programs.
Rick Moen            I have an error-correcting modem."
rick@linuxmafia.com                  -- Om I. Baud
McQ! (4x80)          https://thc.org/root/phun/unmaintain.html