Originally posted by signals
View Post
Announcement
Collapse
No announcement yet.
systemd 228 Had A Local Root Exploit
Collapse
X
-
-
Originally posted by starshipeleven View PostYou already forgot the articles I linked that showed how Windows updates fucked up NVIDIA drivers and also Intel CPUs to answer your misguided attempt to throw shit on AMD by showing a forum thread where it was again MS's updates that fucked up AMD drivers?
Intel CPU issues were completely irrelevant because they were happening during overclocking or something. Which means, putting hardware out design specs.
Comment
-
Originally posted by pal666 View Postthere are no constant api/abi changes on linux. if you see some constant changes, then they are not api/abi or they are not linux
- Likes 1
Comment
-
Originally posted by F.Ultra View Post
Ah, so like how you would open it as say "smb://server" in i.e Filer in Linux.
Originally posted by F.Ultra View PostMyself I don't see the problems that you see with the modernization of Linux since none of it makes it any more less of a Unix system. But each to their own and if you prefer Windows that is none of my business.
But, I wouldn't say I "prefer" Windows. It's just that after 20 years of sparring with Linux, I decided it was time for a new sparring partner. Maybe I'll win more bouts, maybe I won't. Besides, Linux still outnumbers Windows 6 to 1 in my home environment. It's just not on my workstation anymore.
Comment
-
Originally posted by ldo17 View PostHands up all those who have actually used a system with this vulnerability ...
.
.
.
(crickets)
.
.
.
- Likes 1
Comment
-
No matter what it was lucky that someone found and identified the exploit for what it was. In the future maybe we and the systemd people should look closer at bugs that they assume aren't worthy of informing people and maintainers better about. A safe system should be more important than new features.
- Likes 1
Comment
-
Originally posted by sjukfan View PostIn the future maybe we and the systemd people should look closer at bugs that they assume aren't worthy of informing people and maintainers better about.
So how do you know, when you're fixing one seemingly-trivial issue - say, an unchecked null-reference - that it's actually a small part of something big and scary?
Comment
-
Ok, let's see.
* There was a bug in an ancient version of systemd, which was fixed and correctly classified as a local DoS. Now it turns out that the combination of the systemd bug, and another bug known and unfixed since 2015, can get you a local root exploit. The internet explodes, systemd gets all the blame, lots of armchair developers tell the world how they would have designed systemd to avoid this bug.
Meanwhile, the setguid root exploit is still unfixed. Nobody cares.
* There is a bug in current versions of screen, which has been present for over a year. Anyone looking at the bug should immediately notice the potential for destroying the system and/or gaining root access. There is no phoronix article, there is barely any discussion, people just update and move on with their lives.
*sighs*
- Likes 1
Comment
-
Originally posted by aht0 View PostYeah and those articles were exactly how relevant?
As far as I recall, arguments ended after I pointed out that Nvidia had at the time 70% market share and so had proportionally considerably LESS driver issues than AMD had.
Intel CPU issues were completely irrelevant because they were happening during overclocking or something. Which means, putting hardware out design specs.
Comment
-
Originally posted by F.Ultra View PostNow I don't use it but apparently SUSE used the vulnerable version: https://lwn.net/Articles/712488/
Comment
Comment