Vulnerability Discovered In Latest Ubuntu Distributions, Users Advised To Update

Celarent Darii writes: There is a vulnerability in the latest ubuntu distributions due to the DNS resolver included in systemd. The inclusion of the dns resolver was lamented by many on the mailing list, not without cause. All are advised to update their distribution.

Re:I'm amazed!

[Type44Q]

SystemD's OS is the Intel Management Engine.

Re:Poettering strikes again

[F.Ultra]

Some are yes, other are complex turing complete and others follow the INI style. Look i.e at /etc/openal/alsoft.conf, /etc/subversion/config, /etc/couchdb/local.ini, or why not any of the .desktop files in /usr/share/applications/.

INI style are not bad just because MS happened to use them a lot in MS-DOS, AFAIK there isn't even anything that points to MS being the inventors of the format, just that they used them system until they came up with their horrid registry.

Re:Dare I say it?

[Kjella]

I'm not saying that systemd is the answer, but... the old init system worked great if all you ever needed was an init system. That is to say your machine got everything plugged in on boot, always on a wired network and always on AC. The only thing you need the init system for was to get you from cold hardware to a running state, then it could declare "my work here is done" and go into retirement until it was time for shutdown. For some people that's all they need, good for you. Anything dynamic has been a mess. Suspend/resume/hibernate, hot-plugging/unplugging, wired/wireless, connected/not connected to network, AC/battery, power management, docked/undocked, switchable graphics, the list goes on and on.

The track record is not much better when it comes to shared resources like window managers, composited desktops, sound cards etc. that need some kind of mediator like a compositor or sound server. You can of course say that every application should solve this on their own, but the truth is that we know they don't and there's a huge patchwork of solutions that try to make applications play nice, often competing so this application will only work with that system-level service. I can understand that you don't want to support two init systems (SysV, systemd), four sound servers (PulseAudio, ALSA, Jack, OSS), two window managers (X11, Wayland) and so on.

For this you want a modern POSIX, call it an "application execution environment" if you will. A running mediator between the applications and their surroundings, not just at boot but as long as the machine has power. Maybe this could be solved by a hundred small services of various kinds or at least that's its a better solution than one gigantic mess. But to pretend it's all working great is something of an exaggeration, to say the least.