Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Wow, are people seriously still fussing about this? Systemd made the call to use a more secure default, they should be applauded for it. People who want the insecure way to be the default should take it up with their distro.


Killing processes that explicitly called setsid() seems wrong to me, yes. It works for every other Unix like system.

And it leaves enough info (process is it's own separate session group) for logind to know it should leave it alone.


How is killing processes when the user "logs out" at all good for security? If the processes were malicious or vulnerable, they could have done their damage or been exploited while the user was still logged in.


You don't think malicious code could wait for certain specific times to trigger, rather than running immediately during an active login session where it could be traced back to?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: