To the feature creep: that’s kind of the point. Why have a million little configs, when I could have one big one? Don’t answer that, it’s rhetorical. I get that there are use cases, but the average user doesn’t like having to tweak every component of the OS separately before getting to doom-scrolling.
And that feature creep and large-scale adoption inevitably has led to a wider attack surface with more targets, so ofc there will be more CVEs, which—by the way—is a terrible metric of relative security.
You know what has more CVEs and a higher level of privilege than systemd? The linux kernel.
And don’tme get started on how bughunters can abuse CVEs for a quick buck. Seriously: these people’s job is seeing how they can abuse systems to get unintended outcomes that benefit them, why would we expect CVEs to be special?
TL;DR: That point is akin to Trump’s argument that COVID testing was bad because it led to more active cases (implied: being discovered).
is it overengineering or just a push back against “make each program do one thing well,” and saying yeah but I have n things to do and I only need them done, well or not I just need them done and don’t want to dig through 20 files to do it…
Bullshit, there’s always reasons listed. Some more, some less opiniated, but there’s always lists.
For me personally:
Try writing a init script on systemD.
It’s amazingly simple
But only that.
Btw, dinit is simpler. :)p
To the feature creep: that’s kind of the point. Why have a million little configs, when I could have one big one? Don’t answer that, it’s rhetorical. I get that there are use cases, but the average user doesn’t like having to tweak every component of the OS separately before getting to doom-scrolling.
And that feature creep and large-scale adoption inevitably has led to a wider attack surface with more targets, so ofc there will be more CVEs, which—by the way—is a terrible metric of relative security.
You know what has 0 CVEs? DVWA.
You know what has more CVEs and a higher level of privilege than systemd? The linux kernel.
And don’tme get started on how bughunters can abuse CVEs for a quick buck. Seriously: these people’s job is seeing how they can abuse systems to get unintended outcomes that benefit them, why would we expect CVEs to be special?
TL;DR: That point is akin to Trump’s argument that COVID testing was bad because it led to more active cases (implied: being discovered).
Sure, some like overengineering.
is it overengineering or just a push back against “make each program do one thing well,” and saying yeah but I have n things to do and I only need them done, well or not I just need them done and don’t want to dig through 20 files to do it…
I’d argue s6 does that aspect better, and without overengineering and userspace-dependents. Systemd was just the earlier bird.