
Quoting Russell Coker (russell@coker.com.au):
On Mon, 10 Aug 2015 04:01:45 AM Rick Moen wrote:
[a great deal of energetically missing the point, snipped]
No I'm just making a point that you want to ignore.
In that case, you were furiously attempting to refute an allegation nobody made, while purporting to respond to my posting, in a manner indistinguishable from either completely missing my point or deliberately attempting to sidestep it while pretending to not have changed the subject.

Let's pretend (as you do here) as if I'd been talking about the and its ancillary and unnecessary daemons (hostnamed, timedated, localed, logind, etc.) and utilities -- which I was not -- just for the sake of discussion, and proceed from there to your change of subject (which I infer probably means you lack the background to discuss what I was _actually_ talking about):
The Linux kernel is much larger than systemd and has many more interfaces to sources of hostile data.
The security problem primarily raised by systemd has very little to do with the init or its ancillary and unnecessary daemons (hostnamed,
Which is still a minor issue compared to web browsers, MUAs, and other programs which directly and predictably accept data from potentially hostile sources.
I'm willing to wager AUS $100 about your inability to compromise root on either my Linux server (which runs mutt for me) via compromise of my MUA or my copy of one-line Iceweasel on my Linux workstation, which you would prove by revealing the contents of an ASCII file in /root called 'secret'. I would place my workstation directly on completely unfirewalled IP for the duration of this wager.

If you accept this wager in principle, we would then set up a 7 day period for your planned attack and root exploit of either host. You would be required to reveal in detail your application exploit and escalation path to root authority. I have taken no particular security measures and would not do so for the duration of the wager.

If you fail, I would expect your immediate tendering of AUS $100. If you succeed, the reverse payment.

Hint: Your much bigger problem than the theoretical ability to send Internet-facing application software malformed input, the very non-impressive, non-threatening history of which on Linux I discuss in part on my personal FAQ pages concerning malware and Linux security, is the escalation path.

-- 
Cheers,
Rick Moen
rick@linuxmafia.com
McQ! (4x80)

"I don't need to test my programs. I have an error-correcting modem."
    -- Om I. Baud
https://thc.org/root/phun/unmaintain.html