[CentOS] OT: systemd Poll - So Long, and Thanks for All the fish.
Pete Biggs
pete at biggs.org.uk
Sun Apr 16 17:08:31 UTC 2017
On Sun, 2017-04-16 at 06:53 -0400, ken wrote:
> On 04/15/2017 04:46 AM, Pete Biggs wrote:
> > Not wishing to extend this thread further, but ...
> >
> > > There are conspiracy theories out there that the NSA is involved with
> > > bringing systemd to Linux so they can have easy access to *"unknown"*
> > > bugs - aka backdoors - to all Linux installations using systemd *[1]*.
> >
> > They're conspiracy theories, and that's it.
>
> Hmm. That's not quite it. Wikileaks recently posted a trove of docs on
> CIA exploits. It was big news. I'm surprised you missed that. And,
> yes, the exploits also include more than a few against linux.
That's not what I said - I said that the security agencies writing
backdoors into systemd was a conspiracy theory. I said later that they
have exploits as part of their toolkit. I'm surprised you missed that
part when you replied to it ...
> Years ago it was revealed that one of the linux developers inserted an
> exploit into the gcc code which, when the login code was compiled, would
> give him access to any system running it, effectively every linux
> system. This exploit was in the linux code for a long time and was
> never discovered. It was revealed only by the developer himself, and
> only because he was retiring. Point is: Code is often complex,
> especially that written in C (or C++ and others), so much so that an
> exploit can be written into it and not discovered for a long time, or
> ever. This is yet another argument against systemd: it would be much
> easier to hide an exploit in it than in a handful of bash scripts.
Perhaps bash is exploitable - designed to hide the malicious code put
into the init.d scripts by the NSA.
P.
More information about the CentOS
mailing list