We want to stop systemd from being added to docker images, because of rpm requiring systemctl.

Chris Adams linux at cmadams.net
Tue Apr 29 19:59:58 UTC 2014

Once upon a time, Reindl Harald <h.reindl at thelounge.net> said:
> simple example:
> * binary XYZ is vulerable for privilege escalation

A local, non-privileged binary cannot be "vulerable for privilege
escalation".  If I can run a non-privileged binary to escalate, then
there is a problem with some other part of the system, not the binary.
I can (unless severely locked down, which is difficult-to-impossible to
do in practice) download another non-privileged binary and achieve the
same privilege escalation.

Chris Adams <linux at cmadams.net>

More information about the devel mailing list