In Which Linus Torvalds Makes An 'Init' Joke (lkml.org)
Long-time Slashdot reader jawtheshark writes:
In a recent Linux Kernel Mailing List post, Linus Torvalds finishes his mail with a little poke towards a certain init system. It is a very faint criticism, compared to his usual style. While Linus has no direct influence on the "choices" of distro maintainers, his opinion is usually valued.
In a discussion about how to set rlimit default values for setuid execs, Linus concluded his email by writing, "And yes, a large part of this may be that I no longer feel like I can trust "init" to do the sane thing. You all presumably know why."
Don't forget the recent severity 9.8 CVE regarding invalid username handling that Poettering closed as NOTABUG. It's a trainwreck of bad design driven by an egotistic idiot.
you are one of those special idiots my mother warned me about... EWONTFIX/Closed is NOT fixing...
Updating manuals to (now) state that systemd only accepts usernames adhering to: [a-z_][a-z0-9_-]*$? is not a fix.
Systemd hasn't fixed the issue, they man paged what it doesn't like. Someone creating a username starting with a 0 will still get executed as root. Even worse!!! A username with a "." in it will also do it... Periods have been permitted for ages (just not starting...) and this means if a Linux machine is part of an AD it could cause issues...
https://lists.freedesktop.org/archives/systemd-devel/2017-July/039237.html
> 1. We do not permit empty usernames
> 2. We don't permit the first character to be numeric
> (This also filters out fully numeric user names)
> 3. We do not permit dots in usernames, neither at the beginning nor in
> the middle.
> 4. We do not permit "-" at the beginning of usernames (something which
> POSIX explicitly suggests, btw)
> 5. We require that the user name fits in the utmp user name field, so
> that we can always log properly about it.
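
The five rules quoted above, applied as an audit of passwd-format account names so an administrator can see which existing accounts fall outside them. This is an added example, not part of the original post and not systemd's own code; the function names, the constructed sample lines, and the 32-byte utmp field size are assumptions.

```python
# Added example: check account names against the five rules in the quoted mail.
UTMP_USER_FIELD = 32  # assumption: size in bytes of the utmp user name field


def rule_violations(name: str) -> list:
    """Return the quoted rules (by number) that `name` breaks."""
    if name == "":
        return ["1: empty user name"]
    broken = []
    if name[0] in "0123456789":
        # Also covers fully numeric names, as the quoted mail notes.
        broken.append("2: first character is numeric")
    if "." in name:
        broken.append("3: contains a dot")
    if name[0] == "-":
        broken.append("4: starts with '-'")
    if len(name.encode("utf-8")) > UTMP_USER_FIELD:
        broken.append("5: does not fit the utmp user name field")
    return broken


def audit_passwd(text: str) -> dict:
    """Map each offending account name in passwd-format text to its violations."""
    findings = {}
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        name = line.split(":", 1)[0]
        broken = rule_violations(name)
        if broken:
            findings[name] = broken
    return findings


# Constructed sample input (not taken from any real system).
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000::/home/alice:/bin/sh
0day:x:1001:1001::/home/0day:/bin/sh
john.doe:x:1002:1002::/home/john.doe:/bin/sh
-svc:x:1003:1003::/home/svc:/bin/sh
1234:x:1004:1004::/home/1234:/bin/sh
a_very_long_service_account_name_x:x:1005:1005::/nonexistent:/bin/false
"""

if __name__ == "__main__":
    for account, broken in audit_passwd(SAMPLE_PASSWD).items():
        print(f"{account!r}: {'; '.join(broken)}")
```

To audit a live host, pass the contents of `/etc/passwd` (or `getent passwd` output on a directory-joined machine) to `audit_passwd`.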