The Debian init system general resolution returns

Posted Nov 2, 2014 14:57 UTC (Sun) by nix (subscriber, #2304)
In reply to: The Debian init system general resolution returns by JGR
Parent article: The Debian init system general resolution returns

If libdbus had a security flaw in that manner

'If' is the wrong word to use here. It's happened, repeatedly.

The problem is not modifying the shell scripts themselves, but that the attack surface comprises the shell script, the shell itself, and all the various other scripts, executables, etc. which get invoked in the script. Guaranteeing that all of these are security bug free is non-trivial when compared to auditing a narrow dbus interface.

If GNU coreutils, iputils etc aren't safe to run as root, everyone is buggered in any case. Sysadmins routinely run these things as root, and systemd existing isn't going to make them stop.