“Systemd provides a lot of network functionality in systemd-networkd, journald, timesyncd, etc. that is remote attack surface. All the systemd “cloud of daemons” is tightly coupled by dbus interfaces that enable an attacker to move from one exploited system service to the next. Even if the attacker doesn’t manage to find an exploit in another system service, DoS is easily possible because the DBUS interfaces are quite fragile. Even as a benevolent admin it is easily possible to get the system into a state where e.g. clean shutdown is no longer possible because systemctl doesn’t want to talk to systemd any longer and you cannot fix that. systemd-udevd also has race conditions galore, so sending any message to it in the wrong order relative to another one will kill the system, maybe even open exploit vectors. At the very least I would, for hardening, recommend not using any network-facing systemd functionality.
And lines of code are not ridiculous, they are the best first-order estimate available. Of course an actual inspection of the code is better for a comparison, but that is a huge task. sloccount is quick and easy.”
For daemons, it’s simply symlinking the services in the ‘sv’ folder to the var/services; it should be running after that.
Not sure how compatibility with systemd apps works on other inits, but from what I know the packages that are shipped focus specifically on the init system that you are running (from whatever repo you use to install on the distro; for example, Artix has other inits besides runit).
Edit: Also you have the ‘sv’ command on runit that acts exactly like systemctl. You can stop, start and all that stuff.
I didn’t know about bashrc poisoning, thx for the intel.
You are probably right, systemd attack vector might not be as big as it seems. But it’s a bit unfortunate that it has that small extra negative layer of security.
What are your thoughts on a possible NixOS without systemd?
I like the idea of nixOS and will definitely try it in the future to see how portable I can make the setup be (hopefully a couple of files that can configure the entire machine)....
Thinking about making the big switch – recommend me a distro!
Hey all, I’ve been thinking about making the jump from Windows to Linux as my daily-driver and I’ve been struggling on what distro to use....
Which terminal emulator do you use?
I’ve always just used konsole or gnome terminal. Never really looked into what else is available. Tried cool-retro-term the other day, but the novelty wore off pretty fast for me....
When Windows 10 dies, I am going to jump ship over to Linux. Which version would you recommend for someone with zero prior experience with Linux? **Edit: Linux Mint it shall be.**
Who also likes to game every now and then ;)...
MSI demos a monitor that gives you an AI helping hand in League of Legends and it might stretch the boundaries of what's considered fair (www.pcgamer.com)