Bug#727708: systemd (security) bugs
]] Russ Allbery
> Don Armstrong <don@debian.org> writes:
>
> > Projects which have multiple components, each of which has different
> > security/interface surfaces without stable defined interfaces, can lead
> > to problems when one set of developers doesn't understand the security
> > implications of the parts that they do not work on.
>
> It's unclear to me that this is a correct characterization of systemd. Do
> the separate components of systemd not have stable, defined interfaces? I
> know they largely don't have other implementations, but that's not the
> same thing.
http://www.freedesktop.org/wiki/Software/systemd/InterfacePortabilityAndStabilityChart/
has a table with the various interfaces and their status.
[...]
> Let me put it this way. I think there are a couple of givens here, some
> of which have been expressed by both the GNOME maintainers and the KDE
> maintainers and which are also reflected by the current state of Ubuntu:
>
> * We use udev as the default device management platform and will continue
> to do so regardless of the init system we choose.
Agreed.
> * Many of the other systemd services, particularly logind but also several
> of the others, are quite desirable or even necessary for desktop
> environments, so we will need to adopt those services in Debian
> regardless of what init system we choose. Obviously, if we adopt
> systemd, integrating those services into the distribution is quite
> straightforward. If we don't adopt systemd, there are some critical
> missing integrations (relative to the normal systemd infrastructure)
> that will have to be replaced. The cgroups manager appears to be the
> most significant one at the moment.
>
> If the interfaces for those supplemental components are actually unstable,
> that's going to pose problems all around, but I'm not sure how directly
> relevant to this discussion that is since we're going to have to deal
> with those components *anyway*. Choosing a different init system than
> systemd is not going to let us ignore logind, since it's going to be a
> required component for a modern desktop. (Although it would still be good
> to know if this is the case.)
TTBOMK, the page listed above is accurate, and yes, I think there are
components we should adopt no matter if we go for systemd or not.
Things like tmpfiles.d aren't terribly complex, but it adds complexity
to each and every init script that needs a writable directory in /run to
handle permissions, ownership and creation, rather than just having a
single declarative file listing what it needs and the bootup process
ensuring that exists.
--
Tollef Fog Heen
UNIX is user friendly, it's just picky about who its friends are
Reply to: