Re: Embarrassing security bug in systemd

To: debian-user@lists.debian.org
Subject: Re: Embarrassing security bug in systemd
From: Gene Heskett <gheskett@shentel.net>
Date: Fri, 8 Dec 2017 15:29:20 -0500
Message-id: <[🔎] 201712081529.20203.gheskett@shentel.net>
In-reply-to: <[🔎] 87zi6txfb1.fsf@genie.metacom.gr>
References: <[🔎] ygfindj7cdq.fsf@tehran.isnogud.escape.de> <[🔎] 1512747814.22891.12.camel@debian.org> <[🔎] 87zi6txfb1.fsf@genie.metacom.gr>

On Friday 08 December 2017 13:09:06 Menelaos Maglis wrote:

> >> > Basically, it was a completely inconsistent mess before systemd.
> >> > Now you at least have a central place where you can configure
> >> > your system behaviour.
> >
> > In the past, we had *no consistency*: inittab had one thing, display
> > managers another, ACPI scripts another...if you wanted a specific
> > policy, you had to change three or more separate systems.
> >
> > Along came [a new system] which provided a single place to define a
> > consistent policy.
>
> systemd provides a single place to define a consistent policy,
> provided your system uses systemd.

Which until now I have never seen its supposed advantages touted. Maybe I 
don't subscribe to the right lists?

rant mode on!

Couldn't a lot of the hatred for systemd have been avoided if it was 
adequately discussed/described in the first place? Had it been 
accompanied by an adequate description, and a clear but concise man 
page, including how to change it if you didn't like the defaults, would 
have made this take it or go run windows attitude a hell of a lot easier 
to accept.

I can say the same for pam. I just read the man page for the umptyieth 
time, but not a single character was devoted to how to change its 
behavior, and its blocking me from doing things on jessie or stretch 
that were/are Just Doable on wheezy. synaptics-pkexec for instance, 
absolutely no reason I am denied that for jessie and stretch, but in 
both cases I am forced to do it from the machines own keyboard even if 
most any other gfx using program can be run from here over an ssh -Y 
login. On a home network thats behind a firewall that has not been 
penetrated in 15 years, such restrictions are the same stuff usually 
found on the ground behind the male of the bovine specie.

I have previously asked how to fix that, and been /universally/ ignored. 
So where do I find out how to fix that?

> In anycase, it should be a documented configuration option to allow
> for alternative use cases.

A universal wish I suspect. But it seems to be a bigger secret than the 
winderz 10 source code.

I am not a migrant from the M$ camp, so quit treating me like one. The 
ONLY machine I own that ever had windows on it, because 12 years ago if 
you wanted a portable "lappy" you could take on the road when playing 
visiting fireman at some broadcast facility that had technical fires to 
be put out, you bought it with xp on it. But xp got nuked for mandrake 
after I spent a week or more trying to make the windows driver actually 
work with a bcm4318 radio it had. But netgear sells several usb dongles 
that just work with linux.

/rant off
Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page <http://geneslinuxbox.net:6309/gene>

Reply to:

Follow-Ups:
- Re: Embarrassing security bug in systemd
  - From: <tomas@tuxteam.de>

References:
- Embarrassing security bug in systemd
  - From: Urs Thuermann <urs@isnogud.escape.de>
- Re: Embarrassing security bug in systemd
  - From: Jonathan Dowland <jmtd@debian.org>
- Re: Embarrassing security bug in systemd
  - From: Menelaos Maglis <mmaglis@metacom.gr>

Prev by Date: Re: MATE Search Tool -- forcing a default search path
Next by Date: Re: Embarrassing security bug in systemd
Previous by thread: Re: Embarrassing security bug in systemd
Next by thread: Re: Embarrassing security bug in systemd
Index(es):
- Date
- Thread