On Monday, August 22, 2011 08:32:57 PM Lennart Poettering wrote: > On Mon, 22.08.11 17:19, Adam Williamson (awilliam@xxxxxxxxxx) wrote: > > On Mon, 2011-08-22 at 20:09 -0400, Genes MailLists wrote: > > > On 08/22/2011 07:07 PM, Adam Williamson wrote: > > > > On Sun, 2011-08-21 at 17:09 -0400, Steve Clark wrote: > > > >>> -Steve > > > >> > > > >> Obviously a lot on this list value boot up speed over security! > > > > > > > > You're making a false assumption, which is that socket activation is > > > > only about speed. It's also about resource usage. (There may be other > > > > advantages I haven't considered, this is not to be considered an > > > > exclusive list.) I think it was mentioned before that systemd is consuming a lot of memory. > > > Mmmm Adam - not sure I'd give up security for a little resource > > > saving > > > > > > either ... if indeed that is the trade-off ... > > > > Well, there's a question of whether you're really giving up security. > > There's no actual vulnerability at issue here, just the theory that > > systemd is more susceptible to vulnerabilities. And that is important. If there is a threat, we have to mitigate the possibility through good design. Why is postfix composed of several cooperating processes where sendmail is not? Is there a difference in their security reputations? Why would that be? > As mentioned a couple of times systemd does not read a single network > packet, hence I'd claim systemd is no worse than sysvinit+xinetd+a lot > of stuff, yet a lot more powerful. (xinetd processes a lot of crazy > network protocols internally, and one could argue that it hence is > actually much worse here than systemd. Also, since it duplicates service > execution in two daemons the amount of code to audit is doubled.) Not really. init should be small and not really developed on all the time. Xinetd would need auditing every upstream release...but there hasn't been any in a long time. But one of the things that it does is work correctly with MLS. If a network packet comes in at top secret, it starts the daemon at top secret. I believe that systemd would start the daemon ranged from system high to low - which is wrong. -Steve -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
