We want to stop systemd from being added to docker images, because of rpm requiring systemctl.

Andrew Lutomirski luto at mit.edu
Tue Apr 29 19:36:59 UTC 2014

On Tue, Apr 29, 2014 at 12:33 PM, Reindl Harald <h.reindl at thelounge.net> wrote:
> simple example:
> * binary XYZ is vulerable for privilege escalation

This makes no sense...

> * we talk about a *local* exploit until now

...I don't even know what you're trying to say here...

> * a bad configured webserver allows system-commands through a php-script
>   and i consider that you google for the /e modifier

...and this is already sufficient for a remote exploit.

Can we please move all discussion of "Zomg! This feature would take an
existing security hole and turn it into a security hole with exactly
the same impact" into its own thread or just stop it entirely?  All it
does is distract from real discussion.


More information about the devel mailing list