**:(){ :|: };:** @jgoguen@infosec.exchange · Jul 09, 2017, 01:57

**:(){ :|: };:** @jgoguen@infosec.exchange · Jul 09, 2017, 01:57

:(){ :|: };: @jgoguen@infosec.exchange

Remember how systemd starting as root if the username starts with a digit isn't a bug? Turns out they're technically right. It's not a bug.

It's a bug worthy of a CVE. CVE-2017-1000082, which had to be requested by third parties. Like, I suspect, every systemd CVE ever.

https://nvd.nist.gov/vuln/detail/CVE-2017-1000082

**rysiek ✅** @rysiek · Jul 09, 2017, 14:07

**rysiek ✅** @rysiek · Jul 09, 2017, 14:07

@jgoguen getting a new Debian server soon, the first thing I'm doing on it is removing systemd.

**Bob Mottram** @bob@social.freedombone.net · Jul 09, 2017, 14:08

**Bob Mottram** @bob@social.freedombone.net · Jul 09, 2017, 14:08

@rysiek @jgoguen I think @maiyannah mentioned a while ago that it's quite easy to remove systemd and have the old init system back again. I havn't done that with !Freedombone, but if things with systemd keep deteriorating then I might.

**rysiek ✅** @rysiek · 2017-07-09T14:13:45Z

rysiek ✅ @rysiek

@bob @jgoguen @maiyannah yeah, I remember, and that's exactly what I am planning to do.

Jul 09, 2017, 14:13 · Web · 0 · 0