[CentOS] OT: systemd Poll - So Long, and Thanks for All the fish.

Sun Apr 16 17:08:31 UTC 2017
Pete Biggs <pete at biggs.org.uk>

On Sun, 2017-04-16 at 06:53 -0400, ken wrote:
> On 04/15/2017 04:46 AM, Pete Biggs wrote:
> > Not wishing to extend this thread further, but ...
> > 
> > > There are conspiracy theories out there that the NSA is involved with
> > > bringing systemd to Linux so they can have easy access to *"unknown"*
> > > bugs - aka backdoors - to all Linux installations using systemd *[1]*.
> > 
> > They're conspiracy theories, and that's it.
> Hmm.  That's not quite it.  Wikileaks recently posted a trove of docs on 
> CIA exploits.  It was big news.  I'm surprised you missed that.  And, 
> yes, the exploits also include more than a few against linux.

That's not what I said - I said that the security agencies writing
backdoors into systemd was a conspiracy theory. I said later that they
have exploits as part of their toolkit. I'm surprised you missed that
part when you replied to it ...

> Years ago it was revealed that one of the linux developers inserted an 
> exploit into the gcc code which, when the login code was compiled, would 
> give him access to any system running it, effectively every linux 
> system.  This exploit was in the linux code for a long time and was 
> never discovered.  It was revealed only by the developer himself, and 
> only because he was retiring.  Point is: Code is often complex, 
> especially that written in C (or C++ and others), so much so that an 
> exploit can be written into it and not discovered for a long time, or 
> ever.  This is yet another argument against systemd: it would be much 
> easier to hide an exploit in it than in a handful of bash scripts.

Perhaps bash is exploitable - designed to hide the malicious code put
into the init.d scripts by the NSA.