> systemd is a monstrous codebase and there lies shitload of exploits in it. Either intentional o...

k_roy • today at 3:57 AM • 2 replies • view on HN

> systemd is a monstrous codebase and there lies shitload of exploits in it. Either intentional or accidental.

And yet...

1. practically all hyperscalers use it

2. desktops

3. container images, that power everything from docker to kubernetes use it

It helps that it's actively maintained, battle-tested as hell, and widely audited.

Point being, it's fun to hate on systemd, and maybe even hipster-like, and systemd is hardly perfect... but you are probably more likely to be exploited by a pypi or npm supply-chain attack.

Replies

toast0 • today at 4:52 AM

> It helps that it's actively maintained, battle-tested as hell, and widely audited.

Is it actually audited? Or is it like OpenSSL... everybody uses it, but nobody looks under the hood cause it's gross in there? (Or well, nobody looked before Heartbleed anyway)

➕ show 1 reply

lmm • today at 4:21 AM

> Point being, it's fun to hate on systemd, and maybe even hipster-like, and systemd is hardly perfect... but you are probably more likely to be exploited by a pypi or npm supply-chain attack.

Can you even imagine pypi or npm compromising ssh this way?

➕ show 1 reply

alt Hacker News

Replies