A sysadmin has developed 48 characters of code that he claims can crash most popular Linux distributions.
Andrew Ayer, a Linux administrator and founder of SSLMate, explains that his code works by crashing systemd, an open-source init system that is used to boot up most Linux distributions.
Users can choose to run systemd as the first process a Linux distribution executes upon boot-up, otherwise known as Process ID 1.
Under those circumstances, Ayer warns a local user can abuse his code, NOTIFY_SOCKET=/run/systemd/notify systemd-notify "", to cause a denial-of-service condition on a critical system component:
“After running this command, PID 1 is hung in the pause system call. You can no longer start and stop daemons. inetd-style services no longer accept connections. You cannot cleanly reboot the system. The system feels generally unstable (e.g. ssh and su hang for 30 seconds since systemd is now integrated with the login system).”
At 48 characters long, this code is short enough to fit into a single Tweet.
How to crash systemd in one Tweet:
NOTIFY_SOCKET=/run/systemd/notify systemd-notify "" https://t.co/9HNVhEoeYs
— Andrew Ayer (@__agwa) September 28, 2016
According to Ayer, the problem doesn’t just stop at a single vulnerability. He feels systemd is overall “defective by design” and argues the system has adopted too many features, thereby making PID 1 too complex.
Ayer concludes by urging Linux admins not to replace existing services with systemd and application developers not to use systemd’s non-standard interfaces.
That explanation might work for Ayer. But it doesn’t for others in the field.
In particular, Pantheon CTO and co-founder David Timothy Strauss wrote his own blog post calling out most of Ayer’s claims as “wrong or misleading.”
He especially takes issue with the notion that systemd “crashes”:
“There are some services that attempt to use systemd but will time out in 30 seconds (by default) if it is unavailable. These facilities are degrading gracefully, which is exactly what should happen.”
Not wanting to give up the last word, Ayer responded to Strauss by saying systemd is useful only for whole application sandboxing.
Disagreement is the cornerstone of tech communities. In one sense, arguments can drive our understanding forward. But in another frame of mind, they can mire us in gritty technical details.
As Linux users continue to debate the utility and complexity of systemd, a patch has been released for the vulnerability identified by Ayer. You can find it on GitHub.
If you’re a Linux admin, please go ahead and implement it as soon as possible.
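A defender-side check for the hung state Ayer describes (PID 1 stuck in the pause system call), added here as an example and not taken from Ayer, Strauss or the systemd project. It reads /proc/1/syscall, which requires root, and assumes x86_64, where pause is syscall number 34; the function names and sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: detect a PID 1 that is parked in pause(2).
# Assumption: x86_64, where pause is syscall number 34.
PAUSE_NR=34
PID1_INTERVAL=${PID1_INTERVAL:-1}   # seconds between samples

# classify_syscall_line LINE
# LINE is one read of /proc/<pid>/syscall: "<nr> <args...> <sp> <pc>",
# "-1 <sp> <pc>" (blocked, not in a syscall) or the word "running".
classify_syscall_line() {
    line=$1
    nr=${line%% *}                  # first whitespace-separated field
    case $nr in
        '')          echo unreadable ;;
        running)     echo running ;;
        -1)          echo blocked-outside-syscall ;;
        "$PAUSE_NR") echo frozen ;;
        *[!0-9]*)    echo unreadable ;;
        *)           echo other ;;
    esac
}

# check_pid1 [FILE] [SAMPLES]
# Reports "frozen" (exit 1) only if every sample shows pause, so a single
# odd reading does not raise an alert. Exit 2 means the file was unreadable.
check_pid1() {
    file=${1:-/proc/1/syscall}
    samples=${2:-3}
    i=0
    while [ "$i" -lt "$samples" ]; do
        line=$(cat "$file" 2>/dev/null) || { echo unreadable; return 2; }
        state=$(classify_syscall_line "$line")
        [ "$state" = frozen ] || { echo "$state"; return 0; }
        i=$((i + 1))
        sleep "$PID1_INTERVAL"
    done
    echo frozen
    return 1
}

# Constructed sample lines (not captured from a real host).
for sample in '34 0x0 0x0 0x0 0x0 0x0 0x0 0x7ffc2b1d3c98 0x7f3a5d0c1e07' \
              '232 0x4 0x7ffc2b1d3d00 0x2c 0xffffffff 0x0 0x0 0x7ffc2b1d3cd0 0x7f3a5d0e2a13' \
              'running'; do
    printf '%-8s <- %s\n' "$(classify_syscall_line "$sample")" "$sample"
done
```

On a live host, call `check_pid1` as root from monitoring and alert on exit status 1.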
"If you're a Linux admin, please go ahead and implement it as soon as possible." The patch or Ayer's string? ;-)
Here's David Timothy Strauss' explanation of what *should* happen: "There are some services that attempt to use systemd but will time out in 30 seconds (by default) if it is unavailable. These facilities are degrading gracefully, which is exactly what should happen." Well, here's what actually happened. I wrapped the command in a while-true-loop and executed it on a CentOS 7 server, as a normal user in a shell. The server did not "degrade gracefully", it became completely unresponsive, and I was unable to shut it down or restart it normally. I'd like to add that Mister Strauss' reaction is symptomatic of the way systemd folks treat bug reports. An unhealthy mix of denial, ignorance and ad hominem attacks. No wonder why a significant percentage of sysadmins are pissed off by systemd. Me, I'm one of these strange people who use Slackware on all their servers and desktops.