Stories
Slash Boxes
Comments

SoylentNews is people

Lennart Poettering Wins 2017 Pwnie for Lamest Vendor Response

posted by martyb on Monday July 31 2017, @05:01AM   Printer-friendly
from the imminent-recursion dept.

canopic jug writes:

The 2017 Pwnie winner for lamest vendor response goes to Lennart Poettering for systemd. According to CSO which has reported on it, the Pwnie winners which were announced a few days ago, the summary for Lennart and systemd reads as follows:

The most spectacular mishandling of a security vulnerability by a vendor ended up winning a Pwnie for Lennart Poettering due to SystemD bugs 5998, 6225, 6214, 5144, 6237. The nomination reads: "Where you are dereferencing null pointers, or writing out of bounds, or not supporting fully qualified domain names, or giving root privileges to any user whose name begins with a number, there's no chance that the CVE number will referenced in either the change log or the commit message. But CVEs aren't really our currency any more, and only the lamest of vendors gets a Pwnie!"

Original Submission

 
This discussion has been archived. No new comments can be posted.
Lennart Poettering Wins 2017 Pwnie for Lamest Vendor Response | Log In/Create an Account | Top | 73 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by kaszz on Monday July 31 2017, @04:29PM (4 children)

    by kaszz (4211) on Monday July 31 2017, @04:29PM (#547231) Journal

    Any notable compatibility trouble with free software going the systemd route?

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 2) by digitalaudiorock on Monday July 31 2017, @05:30PM (3 children)

    by digitalaudiorock (688) on Monday July 31 2017, @05:30PM (#547257) Journal

    If you're asking if I've run into issues, not really, however I simply don't use anything, like Gnome for example, that requires it. So far nothing I really care about has become an issue. Hopefully most sane projects out there will continue to realize that making end user software dependent on a specific init system is basically turning into Windows ;)...which is pretty much what systemd is to anyone paying attention.

    What REALLY sucks if you ask me is that it will become impossible to find a good binary server distribution. CentOS 6 for example is simply rock solid. You couldn't pay me to use 7. That scene is just plain sad.

    • (Score: 2) by kaszz on Monday July 31 2017, @05:59PM (2 children)

      by kaszz (4211) on Monday July 31 2017, @05:59PM (#547273) Journal

      will continue to realize that making end user software dependent on a specific init system is basically turning into Windows ;)...which is pretty much what systemd is to anyone paying attention.

      What is your train of thought on this?

      • (Score: 2) by digitalaudiorock on Monday July 31 2017, @06:52PM (1 child)

        by digitalaudiorock (688) on Monday July 31 2017, @06:52PM (#547294) Journal

        I think there are some out there (notably Redhat) who would actually like Linux to effectively turn into Windows in that all end user software can always leverage the same interfaces exposed by one and only one monolithic init system that can be assumed to always be there. The over engineered way they approach everything even looks indistinguishable from he nightmarish way Windows does everything. That would be the end of Linux as far as I'm concerned...because it all flies in the face of everything that's make 'nix operating systems survive this long.

        This would be a concern even if systemd wasn't actively trying to replace tried and true shit (DNS etc etc) that they have no clue about. That just makes it worse.

        • (Score: 2) by kaszz on Monday July 31 2017, @07:00PM

          by kaszz (4211) on Monday July 31 2017, @07:00PM (#547298) Journal

          I think it's time for some anti-systemd software.