I previously stated that systemd provided a nice juicy attack surface. There are valid arguments that not all these components are “core” systemd. Regardless, they are still components and there is an implicit trust relationship with “core” vs “components”. Yes systemd sticks everything in cgroups (another minor issue I have) but with the coming Dockerpocalypse didn’t everyone learn that cgroups were not a security mechanism (nor are containers for that matter)? I still stand by my statement that the “big one” linux exploit will somehow be tied to systemd.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s