[ale] CRITICAL LINUX FLAW OPENS THE DOOR TO FULL ROOT ACCESS (RHE)

Lightner, Jeffrey JLightner at dsservices.com
Tue May 22 17:28:46 EDT 2018


>From the original article:
"Red Hat has patched a vulnerability affecting the DHCP client packages that shipped with Red Hat Enterprise Linux 6 and 7."

RHEL6 does NOT have systemd though RHEL7 does.    I think his "sticking to the facts" line was because you seemed to want to lay this at the feet of systemd just as many have done in the past with everything from dog mange to Obamacare.   Not liking systemd is your right as is expressing that OPINION.   Blaming things on systemd that have nothing to do with it just loses one credibility.

-----Original Message-----
From: Ale [mailto:ale-bounces at ale.org] On Behalf Of Steve Litt via Ale
Sent: Tuesday, May 22, 2018 4:55 PM
To: Atlanta Linux Enthusiasts
Subject: Re: [ale] CRITICAL LINUX FLAW OPENS THE DOOR TO FULL ROOT ACCESS (RHE)

On Sun, 20 May 2018 20:56:08 -0400
Solomon Peachy <pizza at shaftnet.org> wrote:

> On Sun, May 20, 2018 at 08:33:45PM -0400, Steve Litt via Ale wrote:
> > So I let others say it. And isn't it interesting that the botched 
> > shellscript and systemd are from the same folks, and they're the 
> > folks who have no problem at all with bringing complexity to 
> > GNU/Linux (soon to be systemd/Linux).
> 
> Nevermind this bug predates systemd's existence, isn't the first time 
> it's happened [1], and this particular issue (and the entire class) 
> wouldn't have occurred had systemd's networking infrastructure been in 
> use.
> 
> I get you don't like systemd, but please, stick to the actual facts?

Fact: The botched shellscript and systemd ARE from the same folks, Redhat, just like I said. I was sticking to the facts.

Fact: I never said anything about which predated the other, but as long as we're playing the predating game, this smoking gun predates systemd:

http://asay.blogspot.ru/2006/10/interview-with-red-hat-cto-brian.html

Complexity as a profit center,  straight from the mouth of the then RH CTO. We always knew about the means and opportunity, now we see, for a FACT, the motive. Direct from a top Redhat exec. Perhaps if they'd spent less juice complexifying systemd, they could have QA'ed their shellscripts.

SteveT

Steve Litt
June 2018 featured book: Twenty Eight Tales of Troubleshooting
http://www.troubleshooters.com/28


_______________________________________________
Ale mailing list
Ale at ale.org
https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo


More information about the Ale mailing list