We want to stop systemd from being added to docker images, because of rpm requiring systemctl.

Chris Adams linux at cmadams.net
Tue Apr 29 18:51:44 UTC 2014

Once upon a time, Marcelo Ricardo Leitner <marcelo.leitner at gmail.com> said:
> You're considering only the escalation way to do it, but there are
> other ways to exploit code laying around, like when some web pages
> don't sanitize the URL enough and end up allowing executing
> something in the system, much like sql injection. In those cases,
> one could craft URLs to run wget or any other tool that may help the
> intruder get even more inside.

Down that path lies madness.  Are you going to remove /bin/sh?  If not,
virtually anything else is possible.

Chris Adams <linux at cmadams.net>

More information about the devel mailing list