Skip to Content [alt-c]


In reply to Systemd is not Magic Security Dust

Reader JCC1 on 2016-10-03 at 18:37:

Glad to see you mention qmail, and his response to your comment was fairly hilarious. Privilege separation via exec chaining (aka Berstein Chaining) is a key concept that the systemd developers don't get. If they DID get it, they'd understand that that's precisely why you don't run all of this in the same process. Small, simple utilities that do what they need to do, drop privileges, and execute something else.

Supervise > tcpserver > drop privs > app authentication > remainder of the app. This is the antithesis of the systemd model. If they truly understood it, they'd understand the importance of a tiny PID 1, which serves as the basis for everything else: small, secure tools which do precisely and only what they need to do, remove their privileges, and chain to the next step.


Post a Reply

Your comment will be public. To contact me privately, email me. Please keep your comment polite, on-topic, and comprehensible. Your comment may be held for moderation before being published.

(Optional; will be published)

(Optional; will not be published)

(Optional; will be published)

  • Blank lines separate paragraphs.
  • Lines starting with > are indented as block quotes.
  • Lines starting with two spaces are reproduced verbatim (good for code).
  • Text surrounded by *asterisks* is italicized.
  • Text surrounded by `back ticks` is monospaced.
  • URLs are turned into links.
  • Use the Preview button to check your formatting.