• BaumGeist@lemmy.ml
    link
    fedilink
    arrow-up
    23
    arrow-down
    4
    ·
    1 month ago

    To the feature creep: that’s kind of the point. Why have a million little configs, when I could have one big one? Don’t answer that, it’s rhetorical. I get that there are use cases, but the average user doesn’t like having to tweak every component of the OS separately before getting to doom-scrolling.

    And that feature creep and large-scale adoption inevitably has led to a wider attack surface with more targets, so ofc there will be more CVEs, which—by the way—is a terrible metric of relative security.

    You know what has 0 CVEs? DVWA.

    You know what has more CVEs and a higher level of privilege than systemd? The linux kernel.

    And don’tme get started on how bughunters can abuse CVEs for a quick buck. Seriously: these people’s job is seeing how they can abuse systems to get unintended outcomes that benefit them, why would we expect CVEs to be special?

    TL;DR: That point is akin to Trump’s argument that COVID testing was bad because it led to more active cases (implied: being discovered).

      • TheKingBee@lemmy.world
        link
        fedilink
        English
        arrow-up
        7
        arrow-down
        1
        ·
        1 month ago

        is it overengineering or just a push back against “make each program do one thing well,” and saying yeah but I have n things to do and I only need them done, well or not I just need them done and don’t want to dig through 20 files to do it…

        • MonkderVierte@lemmy.ml
          link
          fedilink
          arrow-up
          3
          ·
          edit-2
          1 month ago

          I’d argue s6 does that aspect better, and without overengineering and userspace-dependents. Systemd was just the earlier bird.