Also, I don't think we should get hung up too much on the libsystemd thing. I know people like to hit on systemd,
I know, and one of the problems that results from having just a
torrent of undeserved criticism is that it naturally predisposes
the maintainers to reflexively disregard all criticism. To be
clear: I *like* systemd. One of the things I like about it is
that while the project is fairly large, the individual
functions/services are modular and mostly independent of each
other. But that isn't really true of libsystemd. I understand
that there are some dependencies between different components of
libsystemd, but sd-daemon doesn't seem to have any dependencies on
sd-journal, for example.
but the attacker could have used various other vehicle libs for their goal, too. I mean, sshd uses PAM, and that pull in variety of things through its modules
PAM modules aren't a problem for the same reason that the
compression libraries aren't a problem now that they're
dlopen()ed.
-- _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
