this post was submitted on 20 Feb 2026
123 points (76.2% liked)
Technology
81606 readers
4558 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Why are binaries uniquely attackable in a way that init scripts aren't?
Init scripts are just scripts. Technically, they don't introduce any unique vulnerabilities of their own. Just the flaws in the shell itself or server binaries. A poorly written script absolutely can and will still fuck your day up.
SystemD is a program. Which could introduce its own unique buffer overflows or use after free opportunities. I've not heard of any. But its possible. However, its standard set of interfaces and systems make the risks of writing your own bad scripts or just using other people's random bad scripts like we used to much less an issue.
Nobody is packaging a standard init script across all distros, basically. A script is expected to be unique per machine or at least per admin setting up a set of machines. A binary could have a secret exploit installed in it that nobody can see/audit before it's too late.
At least that's the theory. Personally I love systemd