> Point being, it's fun to hate on systemd, and maybe even hipster-like, and systemd is hard...

lmm • today at 4:21 AM • 1 reply • view on HN

> Point being, it's fun to hate on systemd, and maybe even hipster-like, and systemd is hardly perfect... but you are probably more likely to be exploited by a pypi or npm supply-chain attack.

Can you even imagine pypi or npm compromising ssh this way?

Replies

k_roy • today at 5:02 AM

> Can you even imagine pypi or npm compromising ssh this way?

Is ssh somehow sacrosanct in a way that any other RCE or credential stealing attack is different?

I don’t even know the last time I exposed ssh to the open internet.

But the fact with npm or pypi you can be exploited just by running the software you’ve already installed because the dependencies are everywhere on your system?

➕ show 1 reply

alt Hacker News

Replies