-----Original Message-----
From: "Claudio Freire"
This allows for proper testing of ONE Init System and fixing issues around it.
---- It also allows for a less diverse software environment -- one that will be less resilient in the face problems and easier to attack and fail.
Single point failure great for attackers, and bad for those who value 99.999.
Everybody knows I'm for keeping sysvinit, but, in software, the opposite of what you said there is usually true. More diversity means more attack surface which means less security. I have to agree there with Dominique, committing to one init system would help strengthen that system, but as of 12.1, systemd was not up to the task. It may get there by 12.3, or perhaps later, if upstream starts to be more cooperative. Big if. The result of making systemd the only option in openSUSE, IMO, will be some amount of emigration. Maybe massive, maybe not. I don't really know. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org ----------------------------------- That's not really true, or at least it's not as simple as that. The more pieces you have in a chain where all pieces must work or else the whole does not work, then yes the more pieces the less robust. If you are talking attack surfaces then yes the more services and other interfaces you provide on the same single host, the more likeley to be breached. But she is talking about diversity, which is kind of like backups, which are ultimately the only sure form of security. You can't prevent any particular thing from being broken no matter what you do. All you can do is have 5 copies of it scattered around in different places and taking different forms so that _when_ one is lost, at least the others will be there. Anyone knows by now about biodiversity, vs lack of it. If there is only one breed of corn, then it doesn't matter how awesome Monsanto made it, sooner or later _all_ corn will disappear overnight. The only protection from losing all corn from the planet is the fact that there is not just one identical breed of it. Similarly expand "corn" to "vegetables" or "plants" or "food". Even if something wipes out all corn, or even all grasses, there will still be potatoes and peppers etc. If we all end up running the exact same version of linux kernel, init, bash, etc, then no matter how awesome they make those things by virtue of their incredible importance and the lack of any diversions or distractions in any alternatives, they will still be susceptible to exploits, and thus, everyone on the planet will be susceptible to the exact same easy exploit all at once. Ever since people realized that the world was no longer safe to run telnet on, and ssh was invented with no other purpose but to be unbreakably secure, the gold standard in secure. Every day right now today on the very latest version of openssh, and every day for years, ssh is actually the single most problem causing service on my boxes. It's constantly attacked, and sometimes successfully to one degree or another. The only way I can prevent it, is to actually close it down enough that it's no longer useful. We're not talking successfully guessing poor passwords by users. As far as I can tell that's actually the one thing that hasn't happened. There is only one sshd for all intents. A few others exist but even on the commercial unixes everyone uses openssh. It doesn't lack for developers, and it doesn't suffer from fragmentation and developers wasting time working on other sshd's instead of making the one true one better. I used to run pretty ancient sco systems right on the net, didn't even have ssh just telnet, and actually never had a problem on any of them, because all the attacks that came at it were designed to break IIS and Apache and run on Windows or Linux. You could say that was just security by obscurity, which we all know is a fallacy. Except for 10 years all those systems ran while others got breached or crashed. That's not a fallacy that's a done deal. So it's also an example of the protection of diversity. When the recent java exploit came out, it didn't affect me, I don't happen to use the very popular java. When the ssl attack came out a little earlier, that also didn't affect me because I don't happen to use ssl except in a few corner cases. These are industry standard things that everybody agrees are the state of the art and the only way to go, and so practically everyone uses them. And so when they have a problem it affects everyone, all at once. Diversity is like any other form of backup, redundancy, distribution (vs centralization). It's overhead, which looks like inefficiency, but it's the only way to avoid periodically losing everything. -- bkw -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org