Properly indent code.

2023-06-23 00:35:16 +01:00 · 2023-06-23 00:35:16 +01:00 · cffebab69a
commit cffebab69a
parent 091df2ad22
1 changed files with 77 additions and 77 deletions
--- a/blog/systemd_insecurity.html
+++ b/blog/systemd_insecurity.html
@ -5,84 +5,84 @@
 <!-- Copyright 2022 Jake Winters -->
 <!-- SPDX-License-Identifier: BSD-3-Clause -->
-<!-- Version: 4.1.0.22 -->
+<!-- Version: 4.1.0.23 -->
 <html>
-<head>
+		<head>
-		<title>Inferencium - Blog - systemd Insecurity</title>
+				<title>Inferencium - Blog - systemd Insecurity</title>
-		<link rel="stylesheet" href="../inf.css">
+				<link rel="stylesheet" href="../inf.css">
-		<meta name="viewport" content="width=device-width, initial-scale=1">
+				<meta name="viewport" content="width=device-width, initial-scale=1">
-</head>
+		</head>
-<!-- Navigation bar -->
+		<!-- Navigation bar -->
-<div class="sidebar">
+		<div class="sidebar">
-		<a href="../index.html"><img src="../asset/img/logo-inferencium-no_text.png" width="110px" height="110px"></a>
+				<a href="../index.html"><img src="../asset/img/logo-inferencium-no_text.png" width="110px" height="110px"></a>
-		<a href="../index.html" class="title">Inferencium</a><br>
+				<a href="../index.html" class="title">Inferencium</a><br>
-		<br>
+				<br>
-		<br>
+				<br>
-		<div><a href="../about.html">About</a></div>
+				<div><a href="../about.html">About</a></div>
-		<div><a href="../contact.html">Contact</a></div>
+				<div><a href="../contact.html">Contact</a></div>
-		<div><a href="../blog.html">Blog</a></div>
+				<div><a href="../blog.html">Blog</a></div>
-		<div><a href="../source.html">Source</a></div>
+				<div><a href="../source.html">Source</a></div>
-		<div><a href="../key.html">Key</a></div>
+				<div><a href="../key.html">Key</a></div>
-</div>
+		</div>
-<body>
+		<body>
-		<h1>Blog - #1</h1>
+				<h1>Blog - #1</h1>
-		<h2>systemd Insecurity</h2>
+						<h2>systemd Insecurity</h2>
-		<p class="update_date">Posted: 2022-01-29 (UTC+00:00)</p>
+								<p class="update_date">Posted: 2022-01-29 (UTC+00:00)</p>
-		<p class="update_date">Updated: 2022-11-14 (UTC+00:00)</p>
+								<p class="update_date">Updated: 2022-11-14 (UTC+00:00)</p>
-		<!-- Table of contents -->
+						<!-- Table of contents -->
-		<h2 id="toc"><a href="#toc" class="h2">Table of Contents<a/></h2>
+						<h2 id="toc"><a href="#toc" class="h2">Table of Contents<a/></h2>
-		<ul>
+								<ul>
-				<li><a href="#issue0" class="body-link">Issue #0 - Against CVE Assignment</a></li>
+										<li><a href="#issue0" class="body-link">Issue #0 - Against CVE Assignment</a></li>
-				<li><a href="#issue1" class="body-link">Issue #1 - CVEs Are Not Useful</a></li>
+										<li><a href="#issue1" class="body-link">Issue #1 - CVEs Are Not Useful</a></li>
-				<li><a href="#issue2" class="body-link">Issue #2 - Security is a Circus</a></li>
+										<li><a href="#issue2" class="body-link">Issue #2 - Security is a Circus</a></li>
-				<li><a href="#issue3" class="body-link">Issue #3 - Blaming the User</a></li>
+										<li><a href="#issue3" class="body-link">Issue #3 - Blaming the User</a></li>
-		</ul>
+								</ul>
-		<p>Anyone who cares about security may want to switch from systemd as soon as possible; its lead
+								<p>Anyone who cares about security may want to switch from systemd as soon as possible; its lead
-		developer doesn't care about your security at all.</p>
+								developer doesn't care about your security at all.</p>
-		<h2 id="issue0"><a href="#issue0" class="h2">Issue #0 - Against CVE Assignment</a></h2>
+						<h2 id="issue0"><a href="#issue0" class="h2">Issue #0 - Against CVE Assignment</a></h2>
-		<br>
+						<br>
-		<blockquote>"You don't assign CVEs to every single random bugfix we do, do you?"</blockquote>
+								<blockquote>"You don't assign CVEs to every single random bugfix we do, do you?"</blockquote>
-		<p>- Lennart Poettering, systemd lead developer</p>
+								<p>- Lennart Poettering, systemd lead developer</p>
-		<p>My thoughts:<br>
+								<p>My thoughts:<br>
-		Yes, if they're security-related.</p>
+								Yes, if they're security-related.</p>
-		<p>Source:<br>
+								<p>Source:<br>
-		<a href="https://github.com/systemd/systemd/pull/5998#issuecomment-303782334" class="body-link">systemd GitHub Issue 5998</a></p>
+								<a href="https://github.com/systemd/systemd/pull/5998#issuecomment-303782334" class="body-link">systemd GitHub Issue 5998</a></p>
-		<h2 id="issue1"><a href="#issue1" class="h2">Issue #1 - CVEs Are Not Useful</a></h2>
+						<h2 id="issue1"><a href="#issue1" class="h2">Issue #1 - CVEs Are Not Useful</a></h2>
-		<blockquote>"Humpf, I am not convinced this is the right way to announce this. We never did that, and half the
+								<blockquote>"Humpf, I am not convinced this is the right way to announce this. We never did that, and half the
-		CVEs aren't useful anyway, hence I am not sure we should start with that now, because it is either
+								CVEs aren't useful anyway, hence I am not sure we should start with that now, because it is either
-		inherently incomplete or blesses the nonsensical part of the CVE circus which we really shouldn't
+								inherently incomplete or blesses the nonsensical part of the CVE circus which we really shouldn't
-		bless..."</blockquote>
+								bless..."</blockquote>
-		<p>- Lennart Poettering, systemd lead developer</p>
+								<p>- Lennart Poettering, systemd lead developer</p>
-		<p>My thoughts:<br>
+								<p>My thoughts:<br>
-		CVEs are supposed to be for security, and a log of when they were found and their severity, so yes,
+								CVEs are supposed to be for security, and a log of when they were found and their severity, so yes,
-		it *is* the correct way to announce it. It seems as if over 95 security-concious people think the
+								it *is* the correct way to announce it. It seems as if over 95 security-concious people think the
-		same.</p>
+								same.</p>
-		<p>Source:<br>
+								<p>Source:<br>
-		<a href="https://github.com/systemd/systemd/pull/6225#issuecomment-311739869" class="body-link">systemd GitHub Issue 6225</a></p>
+								<a href="https://github.com/systemd/systemd/pull/6225#issuecomment-311739869" class="body-link">systemd GitHub Issue 6225</a></p>
-		<h2 id="issue2"><a href="#issue2" class="h2">Issue #2 - Security is a Circus</a></h2>
+						<h2 id="issue2"><a href="#issue2" class="h2">Issue #2 - Security is a Circus</a></h2>
-		<blockquote>"I am not sure I buy enough into the security circus to do that though for any minor
+								<blockquote>"I am not sure I buy enough into the security circus to do that though for any minor
-		issue..."</blockquote>
+								issue..."</blockquote>
-		<p>- Lennart Poettering, systemd lead developer</p>
+								<p>- Lennart Poettering, systemd lead developer</p>
-		<p>Source:<br>
+								<p>Source:<br>
-		<a href="https://github.com/systemd/systemd/issues/5144#issuecomment-276740654" class="body-link">systemd GitHub Issue 5144</a></p>
+								<a href="https://github.com/systemd/systemd/issues/5144#issuecomment-276740654" class="body-link">systemd GitHub Issue 5144</a></p>
-		<h2 id="issue3"><a href="#issue3" class="h2">Issue #3 - Blaming the User</a></h2>
+						<h2 id="issue3"><a href="#issue3" class="h2">Issue #3 - Blaming the User</a></h2>
-		<blockquote>"Yes, as you found out "0day" is not a valid username. I wonder which tool permitted you to create
+								<blockquote>"Yes, as you found out "0day" is not a valid username. I wonder which tool permitted you to create
-		it in the first place. Note that not permitting numeric first characters is done on purpose: to
+								it in the first place. Note that not permitting numeric first characters is done on purpose: to
-		avoid ambiguities between numeric UID and textual user names.
+								avoid ambiguities between numeric UID and textual user names.
-		<br>
+								<br>
-		systemd will validate all configuration data you drop at it, making it hard to generate invalid
+								systemd will validate all configuration data you drop at it, making it hard to generate invalid
-		configuration. Hence, yes, it's a feature that we don't permit invalid user names, and I'd consider
+								configuration. Hence, yes, it's a feature that we don't permit invalid user names, and I'd consider
-		it a limitation of xinetd that it doesn't refuse an invalid username.<br>
+								it a limitation of xinetd that it doesn't refuse an invalid username.<br>
-		<br>
+								<br>
-		So, yeah, I don't think there's anything to fix in systemd here. I understand this is annoying, but
+								So, yeah, I don't think there's anything to fix in systemd here. I understand this is annoying, but
-		still: the username is clearly not valid."</blockquote>
+								still: the username is clearly not valid."</blockquote>
-		<p>- Lennart Poettering, systemd lead developer</p>
+								<p>- Lennart Poettering, systemd lead developer</p>
-		<p>My thoughts:<br>
+								<p>My thoughts:<br>
-		systemd was the thing that allowed root access just because a username started with a number, then
+								systemd was the thing that allowed root access just because a username started with a number, then
-		Poettering blamed the user.</p>
+								Poettering blamed the user.</p>
-		<p>Source:<br>
+								<p>Source:<br>
-		<a href="https://github.com/systemd/systemd/issues/6237#issuecomment-311900864" class="body-link">systemd GitHub Issue 6237</a></p>
+								<a href="https://github.com/systemd/systemd/issues/6237#issuecomment-311900864" class="body-link">systemd GitHub Issue 6237</a></p>
-</body>
+		</body>
 </html>