You argued earlier it wasn't optional and now you are readily conceding that it is optional, that is good progress. You have yet to demonstrate what makes only updating integrity checked and signed updates if it is specifically configured to do so a bad idea

One more thing worth pointing out here: Remote code execution or arbitrary code execution is a very specific type of security vulnerability that requires a clear demonstration of the ability to run arbitrary code in the first place. Integrity checked and signed updates such as the ones used by systemd are very common in millions of systems and do not fall under this category by definition. So yes it is definitely up to you prove the ability to run arbitrary code first before you aggressively spread misinformation by calling something an RCE.

I never made any such argument.

Firstly, good grief no, integrity checking and signing doesn't prove remote code isn't malicious.
Secondly, again, RCE is not a good idea, it will eventually be involved in a data breach, even the android links you provided - which have nothing to do with systemd - have been involved malicious compromises of devices.

e.g.

systemd-sysupdate requires root user to configure it before it can be used.

It is usually used in enterprise setting for updating their own cluster, so if you are just using systemd on your own computer, you should not be concerned.

If somebody gained root access on your computer, it will be a far severe problem and they will be able to do manipulate your computer whatever they like, regardless or whether systemd-sysupdate present or not.

You certainly did. You explicitly claimed,

"There is no "optional" half way measure"

and

"open init to a backdoor autoinstaller"

Now you understand it is entirely optional and not part of init. Otherwise your earlier comment that you are going to stick with an unmaintained older version in order to avoid this optional feature makes even less sense.

You are missing the point completely. Integrity checking and signing shows that the chain of trust is from the same source as any other update. Then the responsibility of the security of the code is the responsibility of the source you accepted the public key from and not the tooling regardless of whether it is apt, dnf of sysupdate.

You are confused again. Without the ability to install arbitrary code, there is no RCE/ACE. You are misusing the term.

You didn't read the systemd docs on this topic yet clearly. The same underlying tech (verity) is used in both Android and systemd and none of the compromises have involved verity.

You can also choose not to install it at all.

That doesnt change installing it and enabling it being a bad idea, does it? "no optional half way measure"

Wonderful. You have now learned that it is not part of init, certainly not a backdoor as you earlier said and simply not be installed instead of your original plan of sticking with an unmaintained older version merely to avoid an optional feature. Progress

Except your original claim was "Either it discovers and installs remote code automatically - bypassing the normal update procedure or it doesn't.
There is no "optional" half way measure". You have now learned that it doesn't bypass anything, installs only integrity checked and signed updates from the same source as all the other updates and what is a bad idea is to misuse terms like RCE. You have now learned that without demonstrable ability to run arbitrary code, there is no RCE. You are welcome.

Yes
Wonderful, we agree that not upgrading to a version with it at all is the best way of avoiding it.

In fact, after reading the background I think Im gonna to switch to an install with no systemd at all.

Nope. We explicitly don't agree on that. It makes zero sense to not upgrade because of optional features in any project. As long as you don't make technically inaccurate assertions, I don't care though.

It seems optional because its marked "experimental". Who knows where it goes when its no longer experimental.

luckily this is Linux, everything is optional. All we need to do is differentiate good ideas from bad ones.

autodiscover and install A/B is not a good idea, as made clear by several pages now where you failed to address that point once.