Bug#727708: systemd (security) bugs (was: init system question)

To: Steve Langasek <vorlon@debian.org>
Cc: Michael Stapelberg <stapelberg@debian.org>, 727708@bugs.debian.org, Ian Jackson <ijackson@chiark.greenend.org.uk>
Subject: Bug#727708: systemd (security) bugs (was: init system question)
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Tue, 3 Dec 2013 22:00:29 +0100
Message-id: <[🔎] 20131203210029.GA24336@inutil.org>
Reply-to: Moritz Muehlenhoff <jmm@inutil.org>, 727708@bugs.debian.org
In-reply-to: <[🔎] 20131201181111.GA26973@virgil.dodds.net>
References: <21143.15318.826436.373171@chiark.greenend.org.uk> <21143.18559.754698.304773@chiark.greenend.org.uk> <x6wqjs9nrm.fsf@midna.lan> <20131129020716.GA8538@virgil.dodds.net> <20131130150714.GA4204@pisco.westfalen.local> <[🔎] 20131201181111.GA26973@virgil.dodds.net>

On Sun, Dec 01, 2013 at 12:11:11PM -0600, Steve Langasek wrote:
> > More review and more usage will lead to more bugs being found, we should
> > rather applaud Red Hat for investing resources and be diligent. After all
> > Red Hat is the only distro staffing a proactive product security team
> > (from which everyone is profiting outside of RH as well). I don't consider
> > the lack of reported security issues for the contenders as a credible 
> > indication of them being more secure.
> 
> Red Hat shipped upstart as their init system in RHEL 6.  This did not result
> in any CVEs being issued for upstart.  What conclusions should we draw from
> this?

None. The RH Product Security Team didn't exist back then (founded 1.5 years ago).

Cheers,
        Moritz

Reply to:

References:
- Bug#727708: systemd (security) bugs (was: init system question)
  - From: Steve Langasek <vorlon@debian.org>

Prev by Date: Bug#727708: upstart (security) bugs
Next by Date: Re: Bug#727708: systemd (security) bugs
Previous by thread: Bug#727708: systemd (security) bugs (was: init system question)
Next by thread: Bug#727708: systemd (security) bugs (was: init system question)
Index(es):
- Date
- Thread