Mathieu Bridon wrote:
> Well, socket activation gives you better speed and resource usage as
> already mentioned, but it also gives you:
> [some really nifty features]
>
> So basically, much improved service availability (which is what matters
> to your business, isn't it?), and easier configuration/maintenance
> (granted, once you've learnt the new commands/tricks).
>
> Knowing that the security issue is highly exaggerated (as Lennart has
> repeatedly stated, systemd doesn't read network packets), does that seem
> like a better trade-off?

It might be an acceptable trade-off but I'm not yet convinced that such a trade-off is necessary. Is it really impossible to have both a simple, network-unaware Init and all the nifty features of SystemD?

Imagine a stripped-down Init that does only two things: First it forks and executes SystemD, and then it just sits around and reaps orphan zombies. SystemD would then run as process 2 and do all its socket activation and other magic from there. Process 1 would then be immune to network-based attacks, and it would be possible to kill SystemD if desired (although it would surely leave the system rather handicapped).

The only thing I can think of that would be a problem is if SystemD needs to be notified when processes die even when those processes aren't children of SystemD. Is that the case? Is there anything else that only process 1 can do?

Björn Persson
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
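An added sketch of the two-job init proposed in the message above; it is not code from the thread or from systemd. It assumes Linux, uses `PR_SET_CHILD_SUBREAPER` as a stand-in for actually being PID 1, and runs a constructed `/bin/sh` command in place of the service manager. It shows that an orphaned grandchild is reparented to the reaper, so its exit status is collected there and not by the manager that started it.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Job 1: fork and exec the service manager ("process 2" in the proposal). */
static pid_t spawn_manager(char *const argv[])
{
    pid_t pid = fork();
    if (pid == 0) {
        execv(argv[0], argv);
        _exit(127);                    /* exec failed */
    }
    return pid;                        /* -1 if fork failed */
}

/* Job 2: reap every child, adopted orphans included.
 * Returns the number reaped once no children remain (ECHILD). */
static int reap_all(void)
{
    int reaped = 0;
    for (;;) {
        pid_t pid = waitpid(-1, NULL, 0);
        if (pid > 0) { reaped++; continue; }
        if (errno == EINTR) continue;  /* interrupted by a signal, retry */
        return reaped;
    }
}

/* Constructed demo: the "manager" backgrounds a worker and exits at once,
 * orphaning it. As subreaper (assumption: stands in for PID 1) this process
 * adopts the worker and collects both exits. Returns -1 on setup failure. */
static int demo_orphan_reaping(void)
{
    char *const argv[] = { "/bin/sh", "-c", "sleep 1 & exit 0", NULL };
    if (prctl(PR_SET_CHILD_SUBREAPER, 1, 0, 0, 0) != 0) return -1;
    if (spawn_manager(argv) < 0) return -1;
    return reap_all();
}

int main(void)
{
    printf("reaped %d processes\n", demo_orphan_reaping());
    return 0;
}
```

A real PID 1 would loop on `waitpid` forever instead of returning at `ECHILD`; the sketch stops so that the count can be inspected.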