Vigdis is a user on unixcorn.xyz. You can follow them or interact with them if you have an account anywhere in the fediverse.
If you don't, you can sign up here.
Remember how systemd starting as root if the username starts with a digit isn't a bug? Turns out they're technically right. It's not a bug.
It's a bug worthy of a CVE. CVE-2017-1000082, which had to be requested by third parties. Like, I suspect, every systemd CVE ever.
@jgoguen imho not requesting a CVE is not really the problem. The problem is that they deny that's a bug, not even a security bug but a mere bug.
@Vigdis It smacks of serious lack of care for keeping end users (who care) and packagers and administrators informed of serious issues they're going to want to update to address. It just isn't acceptable for a project that wants to replace something as core as init, more so because they're trying to replace virtually every core important component.