
On Mon, 10 Aug 2015 03:25:30 PM Peter Ross wrote:
Finally the vast majority of Linux systems are single user. That means Android phones/tablets and desktop PCs running GNOME, KDE, etc. There is no need to compromise init.
systemd takes care of Linux containers which provide or can provide user/application separation. A flaw in this leaves you with a false sense of security, in case you use it.
People say that about every improvement to Linux security. But the usual case is that people don't rely on such measures as a single level of security. Usually Unix permissions are the first level and containers etc are only used as a fallback. This is different to the case where a jail is used instead of a virtual machine. Adding containers to the basic functionality of an init only improves things. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/