We want to stop systemd from being added to docker images, because of rpm requiring systemctl.

[Chris Adams]

Once upon a time, Reindl Harald <h.reindl at thelounge.net> said:
> simple example:
> 
> * binary XYZ is vulerable for privilege escalation

A local, non-privileged binary cannot be "vulerable for privilege
escalation".  If I can run a non-privileged binary to escalate, then
there is a problem with some other part of the system, not the binary.
I can (unless severely locked down, which is difficult-to-impossible to
do in practice) download another non-privileged binary and achieve the
same privilege escalation.

-- 
Chris Adams <linux at cmadams.net>