• Systemd-init has a larger attack surface compared to runit, openrc, or sysVinit.

  • Systemd-logind relies on systemd, so we need to adapt it for non-systemD distributions to ensure compatibility with certain applications like GNOME.

  • Udev also depends on systemd.

  • SystemD is specific to Linux, which makes porting software to *BSD even more challenging. It’s uncertain what the future holds, and there may be circumstances where Linux becomes unusable for you (e.g., compatibility issues with your laptop). Having a good alternative that doesn’t require relearning everything is generally beneficial.

  • SystemD-based distributions often come with more than just “systemd-init.” They include additional components like logind, resolved, networkd, systemd-timers, etc. However, many people still prefer using the alternatives they were accustomed to before systemd became popular, such as dhcpcd and cron. Consequently, having both sets of tools installed can increase the attack surface.

  • UnsafeOP
    link
    fedilink
    arrow-up
    2
    arrow-down
    8
    ·
    11 months ago

    in there.

    Whonix Dev quote:

    Use a distribution with an init system other than systemd. systemd contains a lot of unnecessary attack surface… ©Linux Hardening Guide

    • UnsafeOP
      link
      fedilink
      arrow-up
      1
      arrow-down
      8
      ·
      11 months ago

      It’s a matter of probability. Probability of discovering vulnerabilities in multiple tools doing same thing is higher than in just one.