Announcement
Collapse
No announcement yet.
Systemd 246 Released With Many Changes
Collapse
X
-
Originally posted by herman View Post
I'm sure their intentions are to make their life much easier, but as Phoronix noted in a previous article, there is a risk for more exploitation when containers are allowed to learn information outside of itself. It defeats the purpose of having containers in the first place. Microsoft appears not to be able to program without opening everything up.
Also note, that simply knowing the bare OS you won't open too much security issues if at all unless you expose that to the Internet nor allows any new form to bypass the container security into the bare OS.
If the person managing this cloud setups is even barely competent the bare OS is not accessible from the outside since it most likely reside in a private(as non internet access) section of the network, so stop panicking without reason.
Also this come completely disabled by default and need intervention to be activated(you actually have to make a table of key-pairs to pass to the container with exactly what you need ... read the code), so for the average user the risk is a massive 0%.
I hope to see the day when people before come and talk about something in Phoronix and how will break the world actually bother in reading the code, because they finally realized that any other way is simply irrelevant and a waste of CPU cycles for everyone involved ...
- Likes 8
Comment
-
Originally posted by jrch2k8 View Post
Please note you can already do that with LXC, Virtuozzo, Docker, etc. fiddling around with scripts, systemd patch simply allows you to do it a lot easier and precisely and securely(since you can choose exactly what to pass and what not very specifically).
Also note, that simply knowing the bare OS you won't open too much security issues if at all unless you expose that to the Internet nor allows any new form to bypass the container security into the bare OS.
If the person managing this cloud setups is even barely competent the bare OS is not accessible from the outside since it most likely reside in a private(as non internet access) section of the network, so stop panicking without reason.
Also this come completely disabled by default and need intervention to be activated(you actually have to make a table of key-pairs to pass to the container with exactly what you need ... read the code), so for the average user the risk is a massive 0%.
I hope to see the day when people before come and talk about something in Phoronix and how will break the world actually bother in reading the code, because they finally realized that any other way is simply irrelevant and a waste of CPU cycles for everyone involved ...
- Likes 2
Comment
-
Originally posted by nsklaus View Post"Systemd 246 is out today as the newest version of this dominant Linux init system.."
"dominant" --> anti-linux-like hydra monster spreading like a virus, tying itself onto system components like a python is constricting its prey, removing the freedom of choice from the user and thus denaturing linux from its base philosophy.
there, i've fixed it for you.
go make yourself useful to one of those other projects!
- Likes 20
Comment
-
Originally posted by nsklaus View Post"Systemd 246 is out today as the newest version of this dominant Linux init system.."
"dominant" --> anti-linux-like hydra monster spreading like a virus, tying itself onto system components like a python is constricting its prey, removing the freedom of choice from the user and thus denaturing linux from its base philosophy.
there, i've fixed it for you.
- Likes 10
Comment
-
Originally posted by rtfazeberdee View Post
You have a choice to change your distro, Devuan (there are others not using systemd) is possibly the place for you where you think have freedom of choice of init system but wait... you don't have enough freedom to choose systemd if you want. Maybe "Linux from Scratch" is for you if you really want Freedom.
- Likes 5
Comment
-
Originally posted by nsklaus View Post"Systemd 246 is out today as the newest version of this dominant Linux init system.."
"dominant" --> anti-linux-like hydra monster spreading like a virus, tying itself onto system components like a python is constricting its prey, removing the freedom of choice from the user and thus denaturing linux from its base philosophy.
there, i've fixed it for you.
- Likes 3
Comment
-
Coming from Microsoft I assume the exposing stuff is by default and you have to opt-out if they let you.
Thank you very much Microsoft and systemd developers for this garbage!
I wonder when systemd will have a guideline like users' privacy and security first, not making money for corporations first.
- Likes 3
Comment
Comment