Bravo Poettering, he did it again!!
>>24718
Newer versions of libsystemd don't use libxz anymore. This shows the devs are aware it is being used in security-sensitive contexts like sshd, but what they're doing amounts to polishing a turd. Libsystemd was never conceived to be used in that way.
The exploit was ultimately made possible by the actions of the major systemd distros. Despite the ubiquity of systemd, upstream openssh didn't deem it necessary to include the functionality for a good reason. As opposed to something like qmail, sshd is a single binary where a line of insecure code can compromise the whole program and all systemd related functionality was patched in by distro maintainers.
As far as i can see the dependency was added in 2022 to support the systemd notification protocol for socket activation:
>As of version 1:9.0p1-1ubuntu1 of openssh-server in Kinetic Kudu (Ubuntu 22.10), OpenSSH in Ubuntu is configured by default to use systemd socket activation. This means that sshd will not be started until an incoming connection request is received. This has been done to reduce the memory consumed by Ubuntu Server instances by default, which is of particular interest with Ubuntu running in VMs or LXD containers: by not running sshd when it is not used, we save at least 3MiB of memory in each instance, representing a savings of roughly 5% on an idle, pristine kinetic container.
Imagine adding a kludgy inetd because your defaults suck and users can't or won't pass 'systemctl disable sshd' to the system. Leaving readily accessible ssh daemons on every ubuntu system is just waiting for an exploit like this to happen and maim every inattentive sysadmin in the process.
>>25013
>THERE IS A REASON WHY EVERY SERVER IN EXIST RUNS BASE DEBIAN OR UBUNTU INSTEAD OF WHATEVER CRACKPOT GARBAGE DEVUAN IS
yeah it’s because there’s corporate money behind those distributions
there was also the debian coup, but you’re a zoomer so you don’t remember that
>NO ONE BESIDES RIGHT-WING NUTJOBS RUN ARTIX OR WHATEVER FUCKING NON-SYSTEMD PIECE OF SHIT IS CURRENTLY GOING AROUND
if not using systemd makes you right wing then call me benito hitler franco jr lol
you’re grasping at straws, gentoo doesn’t use systemd by default and chromeOS doesn’t either
>>25014
sorry i got angry, i'll address your points more saliently
>you’re grasping at straws, gentoo doesn’t use systemd by default and chromeOS doesn’t either
yet chromeos doesn't call itself a linux distro, for gentoo that's true but i'd say most distros use systemd and more will use it because it's simply the default for most things
>yeah it’s because there’s corporate money behind those distributions
the distros that adopted systemd very early (like arch) did not adopt it for my heckin corporate money, but instead because it was simply the better choice at the time, and was obviously going to become the dominant form
>25013
>THERE IS NO ALTERNATIVE BUT SYSTEMD.
openrc, try it
with gentoo, it's better than systemd
>>25016
nah openrc is better, even though richard stallman himself does not see an issue with systemd, you can't just depend on one init system clearly trying to kill out all other init systems, but systemd is slowly becoming a system in itself so it will probably try to kill and replace GNU too
>only right wingers care about this
nah
>>25018
>open rc try it, it's better than systemd
missed the point award
>nah openrc is better, even though richard stallman himself does not see an issue with systemd, you can't just depend on one init system clearly trying to kill out all other init systems, but systemd is slowly becoming a system in itself so it will probably try to kill and replace GNU too
i don't think you understand what systemd is other than the fact it started out as an init system and that's what most people associate it with, even though it's supposed to be a subsystem in itself designed to fix a lot of the core problems with linux,
>so it will probably try to kill and replace GNU too
systemd is designed pretty much as close to how say emacs is designed, that is also a subsystem in itself at this point
>nah
yes, right wingers HATE systemd, every right wing linux youtuber i've seen goes on rants about how systemd is… le bad
>>25035
and also another point you 2 are missing is that i am not talking about systemd as an init system, because to think of it as only an init system misses the entire point of my argument, my argument is that systemd is the objectively best way to do most low level non-kernel tasks on linux like managing services and such, more and more software is requiring systemd, that's what i mean by
>systemd is inevitable
since it is, systemd will replace more and more of the low level tasks that are above the kernel and it doesn't matter what you may think of systemd, it is the future of linux and also before i await one of your next responses i'm going to say that there is a difference between anti-systemd and just not using it like with void, gentoo or antix linux and actively opposing it like with devuan or artix
>>25035
>yes, right wingers HATE systemd
hating is one thing, not wanting to use it because clearly openrc and sysvinit are better is another. but actually hating systemd is cringe, not even richard stallman sees an issue with it
>systemd is designed pretty much as close to how say emacs is designed, that is also a subsystem in itself at this point
I'm still predicting that systemd will slowly replace at least most of GNU but not all of it
>>25036
>i am not talking about systemd as an init system
>my argument is that systemd is the objectively best way to do most low level non-kernel tasks on linux like managing services and such
THAT'S EXACTLY WHAT AN INIT SYSTEM DOESSSS BRUH
>more and more software is requiring systemd
actually more and more systemd daemons are being created for said software (that actually needs a daemon for some reason), which could work on any init system with a service script written for it, but what kind of actually useful software would actually need to use daemons anyways aside from maybe an antivirus (that can still be run without daemons)?
btw antiviruses are useless
>that's what i mean by >systemd is inevitable
never had an issue with openrc on gentoo
>systemd will replace more and more of the low level tasks that are above the kernel
that's sus, it's like trying to form a monopoly, but as long as it's free software then it doesn't matter also since you can just switch init systems anyways, if I was stuck with systemd then I'd actually rally against but not the case
>>25072
i wouldn't, no, but if it could be automated in a systemd-esque manner i don't particularly care
>>25070
>I'm still predicting that systemd will slowly replace at least most of GNU but not all of it
i don't actually think this is a bad thing in itself
>THAT'S EXACTLY WHAT AN INIT SYSTEM DOESSSS BRUH
yeah but that's only part of the init process, systemd is still more than an init system
>that's sus, it's like trying to form a monopoly, but as long as it's free software then it doesn't matter also since you can just switch init systems anyways, if I was stuck with systemd then I'd actually rally against but not the case
i don't think this is a bad thing because the reality is if you don't want to use systemd, you can just create things that don't use it, i think if systemd monopolizes it then it's much easier for some other project to do a similar thing itself
>>25080
>if systemd monopolizes it then it's much easier for some other project to do a similar thing itself
atm we have openrc
it wouldn't try to counter-monopolize though
>i don't actually think this is a bad thing in itself
the fsf would definitely try to stop systemd
somehow if it ever happens and would probably make a GPL4 that counters monopolies
>yeah but that's only part of the init process, systemd is still more than an init system
yeah true, like systemd's udev and etc
like, they also have a bsod, like wtf
>>25081
the FSF lost all of its power long ago
>yeah true, like systemd's udev and etc like, they also have a bsod, like wtf
i mean the bsod isn't even turned on by default in most distros, you kind of have to go out of your way to stop it
>>25212
the people's free software foundation would be a richard_stallmanist-leninist party foundation
>>25013
linux was always meant to be a hackable hobby os i think
but for professional sysadmin'ing and low-effort desktop usage, systemd is best