←back to thread

Run0, a systemd based alternative to sudo, announced

(mastodon.social)
466 points CoolCold | 4 comments | 29 Apr 24 23:59 UTC | HN request time: 0.64s | source
Show context
StimDeck ◴[30 Apr 24 06:36 UTC] No.40207890[source]
Just a reminder that there are plenty of systemd-less distros available. Also a reminder that those distros would have been safe from the nearly-solar-winds-level backdooring of Linux distros from XZ utils.
replies(3): >>40208737 #>>40215800 #>>40217457 #
1. Jonnax ◴[30 Apr 24 09:02 UTC] No.40208737[source]
That backdoor was never pushed out of the testing branches for distros.
replies(3): >>40208958 #>>40210218 #>>40215202 #
2. StimDeck ◴[30 Apr 24 09:34 UTC] No.40208958[source]
Not sure of the relevance of this comment, can you elaborate? Were you the one that caught it? Our balls were inches from the bandsaw. Systemd made it possible to compromise SSH through an unrelated, single-maintainer lib that wasn’t even a dependency.

Edit: never mind, I see you are a systemd crusader.

3. wpm ◴[30 Apr 24 12:18 UTC] No.40210218[source]
Oh well I guess it didn't matter then.
4. Arnavion ◴[30 Apr 24 19:28 UTC] No.40215202[source]
It was in OpenSUSE Tumbleweed for a few days actually (RPM-based + rolling release + did the sshd patch). I was affected by it and it was fun watching the reliable ~100ms difference in `time /usr/sbin/sshd -h` with and without `TERM=foo`