<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /></head><body style='font-size: 10pt; font-family: Verdana,Geneva,sans-serif'>
<p> </p>
<div> </div>
<p>On 2017-06-29 15:58, Lightner, Jeffrey wrote:</p>
<blockquote type="cite" style="padding: 0 0.4em; border-left: #1010ff 2px solid; margin: 0">
<div class="pre" style="margin: 0; padding: 0; font-family: monospace">Based on your logic, no one should use OpenSSL because it was once vulnerable to Heartbleed...<br /><br /> If you don't like systemd that is fine but using this as your reasoning is a bit off in my not so humble opinion.</div>
</blockquote>
<div class="pre" style="margin: 0; padding: 0; font-family: monospace"> </div>
<div class="pre" style="margin: 0; padding: 0; font-family: monospace">As a 3rd party to the conversation, I don't believe that comment is fair. The Heartbleed vulnerability was focused on the primary purpose of SSL (encrypted connectivity). You cannot avoid those issues without limiting the base functionality.</div>
<div class="pre" style="margin: 0; padding: 0; font-family: monospace"> </div>
<div class="pre" style="margin: 0; padding: 0; font-family: monospace">I believe the original poster's point was DNS look-ups are outside the core feature of what an init system is supposed to provide - local-only hierarchical control of system startup. If I added the ability to monitor Trump's Twitter feed to automatically start and stop services to systemd, I am corrupting the core purpose and adding unnecessary code which compounds many problems including security (and his ego!). Not the same thing as Heartbleed IMNSHO.</div>
<div class="pre" style="margin: 0; padding: 0; font-family: monospace"> </div>
<div class="pre" style="margin: 0; padding: 0; font-family: monospace">-Alan</div>
<div class="pre" style="margin: 0; padding: 0; font-family: monospace"> </div>
</body></html>