Multiple Linux Distributions Affected By Crippling Bug In Systemd (agwa.name)
An anonymous reader writes: System administrator Andrew Ayer has discovered a potentially critical bug in systemd which can bring a vulnerable Linux server to its knees with one command. "After running this command, PID 1 is hung in the pause system call. You can no longer start and stop daemons. inetd-style services no longer accept connections. You cannot cleanly reboot the system." According to the bug report, Debian, Ubuntu, and CentOS are among the distros susceptible to various levels of resource exhaustion. The bug, which has existed for more than two years, does not require root access to exploit.
Putting this level of complexity at such a low level of the system is going to cause show stopping bugs. And, with every new release, more complexity is added.
Oh look, exactly what everybody was afraid of happened.
Fuck Lennart and his sjw politics.
There are plenty of people who don't need anymore reasons to hate on systemd. This won't get a pass just because it's Linux.
How can you possibly overblow a bug that can bring down a system without root privileges?
-- Will program for bandwidth
You know you are in deep doo-doo when people compare the bloody init to the kernel...
My Gentoo boxes shrugged for a half millisecond, then continued chugging along.
I hadn't known there were so many idiots in the world until I started using the Internet -Stanislaw Lem
Exactly this. You could probably paste a working and viable init.c into a Slashdot post and not cause it to emit the "Click to read more" link.
On the other hand, you can do this:
foo [ ~/src ]$ git clone https://github.com/systemd/sys...
foo [ ~/src ]$ cd systemd
foo [ ~/src/systemd ]$ wc -l `find . -name "*.c"` | tail -1
374209 total
That's a bit more code than a traditional Unix init system...
How long are systemd proponents going to evade accountability by crying about detractors, greybeards and positioning opponents as anti-change?
Any criticism of systemd and out comes a horde of Red Hat supporters and astroturfers to change the focus swiftly from the technical to the political.
If you're dissatisfied with systemd and you don't need any of its fancier capabilities (which as an end user I'm assuming would be Docker stuff), please consider switching to a non-systemd distro as soon as possible and (if you can afford the time or money) contributing to their development. The more support systemd alternatives can garner, the more likely it is that projects will resist unnecessary systemd dependencies and it might even be that systemd itself will eventually become more modular and moddable.
I'm not a hater. I cringe every time I see +5 comments claiming that systemd didn't fix anything. Declarative syntax is (at least in principle) a massive win, especially for distro builders. And LXC is amazing stuff, and I certainly cannot fault Red Hat for wanting containers to behave perfectly. Unless something like Genode scores a major coup, containers are definitely the future of secure and robust computing.
But the actual details of systemd's course have been hair-raising. It needs to be more UNIX-like and less draconian in its requirements and less toxic in its effects on the FOSS ecosystem and unfortunately (given Red Hat's behavior over the past decade) it appears that pushing alternatives hard is the only way they can conceivably be convinced to change their ways or reform anything moving forward.
I encourage all of the haters here to try and put your money where your mouth is. Install, use, support and help promote a distro like Devuan or even better: go and find one of the multiple OpenRC distros available. OpenRC can't be the all-in-one automagic solution systemd endeavors to be, but it doesn't hide tons of stuff in huge C binaries and it's addressed most of the common frustrations people have with SysV. Arch Linux has an OpenRC variant (the standard install uses systemd), Gentoo was the distro that started OpenRC years ago, and Alpine Linux uses it (which isn't an ideal easy desktop distro, but it's amazing for those wanting a secure minimal distro to build on and last time I checked it does run XFCE and Firefox.) There are probably others.
No, it's you who fails to see that what somenickname showed was not the number of lines of code in the systemd init but the number of lines of all the applications, daemons etc. that are stored in the systemd source repository.
And that should be a gigantic red flag to anyone. Why does the init system need all that stuff?
Just like BSD stores all the code for their kernel and user space applications in a single repository.
That single repository represents hundreds or thousands of different projects. The "git clone" I did represents one single project.
It's just a guilt by git association.
No, it's guilt by assimilation. Big difference.
https://medium.com/@davidtstrauss/how-to-throw-a-tantrum-in-one-blog-post-c2ccaa58661d
Can't have anyone criticizing any aspect of the holy systemd.
Whole thing boils down to:
"Following security practices in an init system is hard, and you've never done it so leave us alone."
Completely ignoring the fact that the only reason they patched this thing is because he made a big deal out of it.
And on what planet is testing for corner cases like empty strings the domain of fuzz tools?
That seems like a pretty standard test case to me.
I can understand if you don't test for a 1MB string, but empty seems like a no brainer.
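The two test cases named in this post (an empty message and a 1 MB message) are cheap to write against any notification-message handler. The following is an added example, not systemd's code: a hypothetical sd_notify-style "KEY=VALUE\n" parser (handle_notify, NOTIFY_MAX and the result enum are all constructed for this example) that treats a zero-length datagram as something to drop rather than something to assert on, with both edge cases exercised.

```c
#include <stddef.h>
#include <string.h>
#include <stdbool.h>

/* Outcome of handling one notification datagram. Hypothetical API written
   for this example; it is not systemd's manager_dispatch_notify_fd(). */
enum notify_result {
    NOTIFY_IGNORED = 0,   /* empty, NULL or oversize datagram: dropped, keep serving */
    NOTIFY_READY,         /* a READY=1 line was seen */
    NOTIFY_OTHER          /* well-formed, but no READY=1 line */
};

#define NOTIFY_MAX 4096   /* constructed cap: oversize datagrams are dropped, not parsed */

/* Parse a "KEY=VALUE\n..." payload of exactly len bytes (no NUL terminator
   is assumed). Caller-controlled data never reaches an assert: a zero-length
   datagram is a legal, if useless, message and is simply ignored. */
enum notify_result handle_notify(const char *buf, size_t len)
{
    if (buf == NULL || len == 0 || len > NOTIFY_MAX)
        return NOTIFY_IGNORED;

    bool ready = false;
    size_t i = 0;
    while (i < len) {
        /* find the end of this line without running past len */
        size_t j = i;
        while (j < len && buf[j] != '\n')
            j++;
        size_t n = j - i;
        /* an empty line or any unknown line is skipped, not rejected */
        if (n == strlen("READY=1") && memcmp(buf + i, "READY=1", n) == 0)
            ready = true;
        i = j + 1;
    }
    return ready ? NOTIFY_READY : NOTIFY_OTHER;
}

/* The edge cases from the thread: an empty input and a 1 MB input.
   Returns 0 when every case behaves as intended. */
int run_edge_cases(void)
{
    static char big[1024 * 1024];            /* constructed 1 MB payload */
    memset(big, 'A', sizeof big);
    if (handle_notify("", 0) != NOTIFY_IGNORED) return 1;
    if (handle_notify(big, sizeof big) != NOTIFY_IGNORED) return 2;
    if (handle_notify("READY=1\nSTATUS=up\n", 18) != NOTIFY_READY) return 3;
    return 0;
}
```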
For those who don't want to follow OP's link:
The systemd project applies both unit testing and static/dynamic analysis to systemd. We’ve done this for years; I ran the first Coverity scans myself. Testing inputs of empty strings, excessively large data structures, and other invalid permutations is the realm of fuzz testing, which is a recent project even for the Linux kernel. Despite Linux being used for critical systems for decades, fuzz testing only began as side-projects “in beta” in 2007 and more earnestly in 2013. It’s clearly a valuable technique, but implying that comprehensive testing of invalid inputs is “obvious” is misleading about the state of major projects.
WHAT
THE
FUCK?!?!
It's too much to expect systemd to test for invalid inputs from non-privileged user-space?
Are you fucking kidding me?!?!?
Who the fuck is David Strauss? And when is he scheduled to matriculate from kindergarten?
Too much to expect him to test?!?!!?!
Pathetic. Thalidomide-brain pathetic.
Because it's not an init system anymore, it's Lennart trying to put his name on everything between the application the user runs and the kernel.
The developers haven't stopped at what systemd needs to do and have gone on to what they want it to do, favoring the latter over the former.
It must have been something you assimilated. . . .
when grey-haired conservative fuddy duddies warn of something, you should PAY ATTENTION even if you disagree.
In this case, the "conservative" is certainly not in the political sense, it's in the technical sense. The core philosophy of UNIX was: small dedicated programs doing discrete things (which can be easily developed, debugged, tested, and yes... replaced/substituted). Many warned that systemd was the polar opposite and would inevitably invite this very sort of issue. The warnings were ignored because they were not consistent with what the cool kids wanted. It was much more cool to create a whole new gluttonous monster, than to do the hard work to fix a bunch of long-standing and not glamorous basic usability issues that might actually help Linux take over the desktop.
In the political sense a similar thing happened with Obamacare, where conservatives kept pointing out that the basic plan did not pass the economic "smell test", and that inevitably the rates would rise and the markets would fall apart because of the poor planning.
In both cases, the hard-charging progressives (in the technical sense for the former and the political sense for the latter) ranted and raved against the cautious conservatives, flinging insults about being backwards, stuck in the mud, opposed to progress, etc. rather than facing the actual criticisms, considering that their opponents might have serious and valid concerns, and then addressing those concerns. In both cases, when the inevitable "I told you so" comments arise, the advocates of the changes get angry and complain and propose moving even further in their chosen direction, without facing that the now proven problems are real and were real - they want to solve a real problem with politics and name calling.
Incidentally, before some partisan hack rates this "Troll", I'll point out that this is a trait of human nature and applies to the political right and technical conservatives as well. Some right-leaning "fiscal" conservatives love to propose reductions in social spending while ignoring left wingers who suggest some might be harmed, instead of facing the problems suggested. Some technical conservatives, particularly in places like the FAA, can actually suppress the increase in safety that modern systems could provide out of excessive fear of the risk of "new" (AOA indicators on small aircraft, and the type certs required to put new avionics into older small aircraft come to mind).