On Sun, 2017-04-16 at 06:53 -0400, ken wrote: > On 04/15/2017 04:46 AM, Pete Biggs wrote: > > Not wishing to extend this thread further, but ... > > > > > There are conspiracy theories out there that the NSA is involved with > > > bringing systemd to Linux so they can have easy access to *"unknown"* > > > bugs - aka backdoors - to all Linux installations using systemd *[1]*. > > > > They're conspiracy theories, and that's it. > > Hmm. That's not quite it. Wikileaks recently posted a trove of docs on > CIA exploits. It was big news. I'm surprised you missed that. And, > yes, the exploits also include more than a few against linux. That's not what I said - I said that the security agencies writing backdoors into systemd was a conspiracy theory. I said later that they have exploits as part of their toolkit. I'm surprised you missed that part when you replied to it ... > Years ago it was revealed that one of the linux developers inserted an > exploit into the gcc code which, when the login code was compiled, would > give him access to any system running it, effectively every linux > system. This exploit was in the linux code for a long time and was > never discovered. It was revealed only by the developer himself, and > only because he was retiring. Point is: Code is often complex, > especially that written in C (or C++ and others), so much so that an > exploit can be written into it and not discovered for a long time, or > ever. This is yet another argument against systemd: it would be much > easier to hide an exploit in it than in a handful of bash scripts. Perhaps bash is exploitable - designed to hide the malicious code put into the init.d scripts by the NSA. P.