From 3b3230d6cc2f1ba7285e25510f709ff41fbb5a08 Mon Sep 17 00:00:00 2001
From: inference <admin@inferencium.net>
Date: Tue, 20 Dec 2022 02:19:21 +0000
Subject: [PATCH] Update filenames to new file naming system.

---
 blog/systemd_insecurity.html | 114 +++++++++++++++++++++++++++++++++++
 1 file changed, 114 insertions(+)
 create mode 100644 blog/systemd_insecurity.html

diff --git a/blog/systemd_insecurity.html b/blog/systemd_insecurity.html
new file mode 100644
index 0000000..a67ca37
--- /dev/null
+++ b/blog/systemd_insecurity.html
@@ -0,0 +1,114 @@
+<!DOCTYPE html>
+
+<!-- Inferencium - Website - Blog - #1 -->
+
+<!-- Copyright 2022 Inference -->
+<!-- License: BSD 3-Clause Clear (with personal content exception) -->
+
+<!-- 0.2.2.4 -->
+
+
+<html>
+
+<head>
+		<title>Inferencium - Blog - systemd Insecurity</title>
+		<link rel="stylesheet" href="../inf.css">
+</head>
+
+<!-- Navigation bar. -->
+<div class="sidebar">
+		<img src="../img/logo-inferencium-no_text.png"
+		width="110px" height="110px">
+		<a class="title">Inferencium</a><br>
+		<br>
+		<br>
+		<div><a href="../about.html">About</a></div>
+		<div><a href="../contact.html">Contact</a></div>
+		<div><a href="../blog.html">Blog</a></div>
+		<div><a href="../source.html">Source</a></div>
+</div>
+
+<body>
+<h1>Blog - #1</h1>
+<br>
+<h2>systemd Insecurity</h2>
+<br>
+<p>Posted: 2022-01-29 (UTC+00:00)</p>
+<p>Updated: 2022-11-14 (UTC+00:00)</p>
+<br>
+<br>
+
+<p>Anyone who cares about security may want to switch from systemd as soon as possible; its lead
+developer doesn't care about your security at all.</p>
+<br>
+<br>
+<h3>Issue #0 - Against CVE Assignment</h3>
+<br>
+<p>Poettering:<br>
+"You don't assign CVEs to every single random bugfix we do, do you?"</p>
+<br>
+<p>My thoughts:<br>
+Yes, if they're security-related.</p>
+<br>
+<p>Source:<br>
+<a class="body-link" href="https://github.com/systemd/systemd/pull/5998#issuecomment-303782334"
+>systemd GitHub Issue 5998</a></p>
+<br>
+<br>
+<br>
+<h3>Issue #1 - CVEs Are Not Useful</h3>
+<br>
+<p>Poettering:<br>
+"Humpf, I am not convinced this is the right way to announce this. We never did that, and half the
+CVEs aren't useful anyway, hence I am not sure we should start with that now, because it is either
+inherently incomplete or blesses the nonsensical part of the CVE circus which we really shouldn't
+bless..."</p>
+<br>
+<p>My thoughts:<br>
+CVEs are supposed to be for security, and a log of when they were found and their severity, so yes,
+it *is* the correct way to announce it. It seems as if over 95 security-concious people think the
+same.</p>
+<br>
+<p>Source:<br>
+<a class="body-link" href="https://github.com/systemd/systemd/pull/6225#issuecomment-311739869"
+>systemd GitHub Issue 6225</a></p>
+<br>
+<br>
+<br>
+<h3>Issue #2 - Security is a Circus</h3>
+<br>
+<p>Poettering:<br>
+"I am not sure I buy enough into the security circus to do that though for any minor issue..."</p>
+<br>
+<p>Source:<br>
+<a class="body-link" href="https://github.com/systemd/systemd/issues/5144#issuecomment-276740654"
+>systemd GitHub Issue 5144</a></p>
+<br>
+<br>
+<br>
+<h3>Issue #3 - Blaming the User</h3>
+<br>
+<p>Poettering:<br>
+"Yes, as you found out "0day" is not a valid username. I wonder which tool permitted you to create
+it in the first place. Note that not permitting numeric first characters is done on purpose: to
+avoid ambiguities between numeric UID and textual user names.<br>
+<br>
+systemd will validate all configuration data you drop at it, making it hard to generate invalid
+configuration. Hence, yes, it's a feature that we don't permit invalid user names, and I'd consider
+it a limitation of xinetd that it doesn't refuse an invalid username.<br>
+<br>
+So, yeah, I don't think there's anything to fix in systemd here. I understand this is annoying, but
+still: the username is clearly not valid."</p>
+<br>
+<p>My thoughts:<br>
+systemd was the thing that allowed root access just because a username started with a number, then
+Poettering blamed the user.</p>
+<br>
+<p>Source:<br>
+<a class="body-link" href="https://github.com/systemd/systemd/issues/6237#issuecomment-311900864"
+>systemd GitHub Issue 6237</a></p>
+<br>
+<br>
+</body>
+
+</html>