Skip to Content [alt-c]

Comment

In reply to How to Crash Systemd in One Tweet

Anonymous on 2016-10-02 at 17:31:

As a security analyst for a Fortune 50 company, you can bet I'll be trying this formally. A rogue employee DoSing a system? That's a big problem for us. We throw a lot of money at Red Hat; a hole like this would set off a lot of panic for our IT teams, and some of that will be aimed at RH. Getting an unprivileged shell prompt isn't all that hard, sadly. Parlaying that into a DoS with a short one-liner is a HUGE issue. Strauss' reply isn't reassuring, it's frightening... and will likely make its way into my gap writeup, so the CISO can consider it. Our business is all about managing risk, and it sounds like Red Hat's systemd team is taking, and exposing us to, unnecessary risk.

Reply

Post a Reply

Your comment will be public. If you would like to contact me privately, please email me. Please keep your comment on-topic, polite, and comprehensible.

(Optional; will be published)

(Optional; will not be published)

(Optional; will be published)

  • Blank lines separate paragraphs.
  • Lines starting with ">" are indented as block quotes.
  • Lines starting with two spaces are reproduced verbatim.
  • Text surrounded by *asterisks* is italicized.
  • Text surrounded by `back ticks` is monospaced.
  • URLs are turned into links.
  • Use the Preview button to check your formatting.