Where it seems like text based forums using upvotes/likes or reactions encourages those who are less inquisitive and/or humble to take up a lot of the atmosphere.
It got me thinking that the internet today has more people on it but fewer forums to engage with technical topics in depth.
It was in OpenSUSE Tumbleweed for a few days actually (RPM-based + rolling release + did the sshd patch). I was affected by it and it was fun watching the reliable ~100ms difference in `time /usr/sbin/sshd -h` with and without `TERM=foo`
Not sure of the relevance of this comment, can you elaborate? Were you the one that caught it?
Our balls were inches from the bandsaw. Systemd made it possible to compromise SSH through an unrelated, single-maintainer lib that wasn’t even a dependency.
Edit: never mind, I see you are a systemd crusader.
Because I'm pretty sure that most of the components are optional.
You did not even discuss the reasoning given for not using sudo to instead hop on your soapbox to say it's bad software with bad practices and that they are stupid.
It's annoying how in the the more surface level Linux communities there's 0 value in discussing systemd.
"1 million lines of code for PID0!"
The new thing is blaming systemd for that recent exploit even though distros were patching in the bug themselves.
People analysing the exploit determined that a new version of systemd was going to prevent the exploit vector so the exploit seemed to have been rushed out.
Isn't this just textbook FUD?
What I've noticed is over the years is systemd would have identified a gap in functionality.
Like systemd-homed having a solution for automatically encrypting home directory when the machine is suspended.
Is that a functionality that OSX has had for years? Yes.
But anti-systemd people will dislike it automatically.
Why are you bringing up random arguments I didn't even make?
No, I am a dedicated systemd hater ever since I spend over a month full time writing and debugging systemd services for work. Systemd (the init system) is just all around badly designed and executed, I have very little confidence in the developers and their technical abilities and their tendencies to expand into completely unrelated areas for seemingly no reason makes me quite concerned.
I wouldn't blame the xz exploit on them, it is very hard to call it their fault in any way. But I do think it is a symptom of a system which has grown far too thin and wide.
Because your post is the repeating cliches that are under every discussion about systemd.
You're essentially saying that the month you spent is enough for you to call it bad and the creators incompetent.
What qualifies you to make a determination like that?
There is never any actual technical reasons it's always about vague things like not adhering to UNIX philosophy, lines of code or it being badly designed (without any real architectural criticism)
This is an article about why they believe sudo isn't a good system. Where's your criticism of that from a technical / security perspective?
It's been about 10 years since systemd was adopted by Debian/Ubuntu/Redhat/Fedora etc.
Millions of deployments over the years. The companies that build and are paid to support for years with SLAs the operating systems are using it without issue.
>There is never any actual technical reasons it's always about vague things like not adhering to UNIX philosophy, lines of code or it being badly designed (without any real architectural criticism)
I did not mention the first two, so please do not pretend I argued that. For bad design look at transactions. That is really dumb and makes the system near incomprehensible. The documentation is bad, dbus is literally so bad they tell you not to use it without a wrapper. The terminology is very questionable and makes it hard to explain what a unit actually does.
But I don't even see that as the worst part. The worst part is that they fundamentally can't do basic software engineering, in the sense that they do not have a defined project scope. Everything is potentially a systemd issue and not once does anyone take a step back and say "maybe systemd" isn't the right place to fix that problem.
>This is an article about why they believe sudo isn't a good system. Where's your criticism of that from a technical / security perspective?
If you don't read my posts please do not respond to me. Look at the first post I made and carefully read it.
> If you don't read my posts please do not respond to me. Look at the first post I made and carefully read it.
I read your OP. It does not contain a technical / security criticism of run0. It's an angry, hand-wavey, vague rant against a project that took a design decision you apparently disagree with, but lacking any actual analytical evaluation of the thing up for discussion.
This sort of top-level post shows up on every single article that mentions "systemd", so you'll maybe understand why people tend to be dismissive.
>I read your OP. It does not contain a technical / security criticism of run0.
Yes, I literally say there is nothing wrong with the idea, so you going ahead and demanding I criticize the idea, is just absurd.
Really, this is completely bizarre. I even say that the thinking behind replacing sudo is fine, yet you are here complaining that I don't deliver technical arguments against something which I even told you might be completely valid to do from a technical perspective. Baffling.
Let me get this right: you see an article on a new thing, which you have no problem with, but have an angry rant in the comments section anyway? And now you're baffled by people's reaction to that?
I'm not sure there's much point engaging further, I hope you have a good rest of the day.
I can use GNU bash on NetBSD with no other GNU software installed. I can install GNU coreutils on Alpine Linux (complete with musl libc instead of glibc). In fact, it's possible to just install a single part of GNU coreutils but not the rest - ex. Alpine packages just sha512sum as https://pkgs.alpinelinux.org/contents?branch=edge&name=coreu... (not sure why). I don't think I've seen it done, but you could build a Linux distro that used glibc and gcc but no other GNU software (busybox coreutils and ksh shell, say). GNU has their own kernel, but is predominantly used on other OSs. They want to build all the pieces, but you can opt in or out of all of them, and they're all portable. In contrast, if you want to use, say, run0, you must run systemd as PID 1, you must use journald, and the whole stack only runs on Linux. So yeah, that is actually different.
> I think that portability is a deliberate anti-goal of systemd.
Yes, and that is one of the things I dislike about it. (In fairness, the list of things I like about it and the list of things I dislike about it are both fairly long.)
> No, you must run something on pid 1 that implements the spec, similar to how musl can be used instead of glibc - they both implement the same spec.
> Run0 expects pid 1 to behave a certain way, much like my web browser expects web servers to behave a certain way.
If there's only one implementation, then it's not portable. If a webapp uses a web API that only Chrome implements, it's not portable regardless of whether Google published a spec for their non-standard behavior. There are dozens of web servers and web clients that all speak HTTP, there is one systemd.
It's a technical article about an esoteric topic, you don't usually get good discussion.
Sometimes it's good for a laugh. Like I remember a commenter in one of the XZ posts saying that open source contributors should be required to have US security clearance.
The top comment talking about Vista (2007), Crisis (last game 2011), Witcher (Last game 2015) and the Datsun name change (1986) is really something.
I looked and he’s one of those people who submit 2 posts per hour. And like, I wouldn’t want to do that, but if you’re a news junkie who feeds articles into HN soon after they come out and gives us stuff to talk about, it makes sense that you’d have huge karma in the long term since you’re providing a service to the HN community.
I have a suspicion that the reason a lot of LLM bots can output stuff akin to word salad is because a lot of their training data is word salad in the first place. If you're a competent reader pre-LLM, you can mostly avoid/discount word salad, so its prevalence doesn't really register.
My YOShInOn can't write text, at least not yet. (I am thinking about T5 to attach Mastodon tags) I think most generative models would be too polite to say something like that or would be more tentative.
It's a better marketing tactic than posting a link to a sign up form for a product that doesn't exist yet. When I do get that blog post done I know there will be pent up interest. For now see
When I say "rare", I didn't mean that the models don't exist. I meant that the screens in devices that most people actually buy are crap. I am very aware that there are laptops with OLED screens, and OLED monitors. But they are still in the minority, especially those expensive OLED monitors. If you want to know what the market is really like for Windows devices or monitors, go to Amazon or Best Buy, find the best selling items, and check the display specs. I can guarantee very few support P3.
It doesn’t bother me, I was just interested in whether the benchmark is fair in this respect (it is xorg only, so the answer is yes). I personally believe that 120+ hz gives barely any benefit, though.
