. home.aspx



Linux's Systemd Hit With Three Security Holes

January 14, 2019 / Christine Hall

Admins and DevOps working with Linux machines will want to keep an eye out for patches for a trio of security vulnerabilities affecting systemd, the system and service manager that's primarily tasked with deciding what programs run when Linux boots. Specifically, the vulnerabilities are in systemd-journald, which collects and stores logging data. All of the exploits can be used to give a local user root access. Linux's systemd was first introduced in 2011 into Fedora. By 2015, nearly all other Linux distributions had adopted it as well. The software suite has been controversial since its introduction, however, with critics saying it's overly complex and that its architecture violates a prime principle of Unix-like operating systems, that systems should "do one thing and do it well." Although the noise generated by systemd naysayers has died down in recent years, news of bugs or security issues, even when relatively minor, tend to restart the discussion on sites li...