Surprise surprise, when I lookup "systemd root vulnerability" on youtube, all I see is that idiot whose name starts with L.

To anyone who thinks there is a systemd root privilege escalation vulnerability discovered recently. Please read the technical details instead of listening to idiots on youtube and reddit.

https://cdn2.qualys.com/advisory/2026/03/17/snap-confine-systemd-tmpfiles.txt

Because, if you actually read the technical details of this vulnerability, you'll know that it is a *snapd* vulnerability (which involved misconfiguration in systemd-tmpfiles). It is *NOT* a systemd vulnerability, and anyone who's telling you the opposite does not have a single idea what they're talking about.

I am specifically looking at that complete idiot on youtube who keeps bringing up things completely out of context, is a literal nazi, and whose name starts with L.

Please, don't listen to idiots who don't know anything about the subject they're bringing up.

@justsoup Slowly starting to feel the same way for age verification and uspol..

I mean, I do care about these subjects, but at some point it's kind of getting unhealthy.

seems this pdf is hardcoded to tell me to use a newer version of adobe reader, even if i'm not using adobe reader. incredible innovation in the pdf space

As the number of LLM-generated patches in my inbox increases, I am starting to experience the sort of maintainer stress that has long been predicted. But there's another aspect of this that has recently crossed my mind.

Just over a week ago, a new personality showed up with a whole pile of machine-generated patches claiming to fill in our memory-management documentation. A few reviewers had some sharp questions, the response to which has been ... silence. This person doesn't seem to have cared enough about that work to make an effort to get past the initial resistance.

Once upon a time, somebody who had produced many pages of MM documentation would be invested enough in that work to make at least a minimal attempt to defend it.

Kernel developers often worry that a patch submitter will not stick around to maintain the code they are trying to push upstream. Part of the gauntlet of getting kernel patches accepted can be seen as a sort of "are you serious?" test.

When somebody submits a big pile of machine-generated code, though, will they be *able* to maintain it? And will they be sufficiently invested in this code, which they didn't write and probably don't understand, to stick around and fix the inevitable problems that will arise? I rather fear not, and that does not bode well for the long-term maintainability of our software.

Stop using AI, people. I don't care if it makes things easier for you. You're sucking up water, burning the planet, models were trained on stolen data, and you're making the rich even richer. And I didn't even list all of the issues with AI.

boost this cat when they least expect it

@DenJohn @TheOneDoc @elly @lanodan @mgorny @moses_izumi it works 60% of the time anyway.

@DenJohn @elly @moses_izumi @lanodan @mgorny @TheOneDoc I've been told that Fermi will never get NVK, then I've been told that it might get NVK after all. Idk.

@justsoup Yeah there's still humans around, so I'm not completely against systemd. But still, gives not so great vibes..

@pj @justsoup I like Wayland, but also I think many X11 DEs (xfce, mate...) are awesome too.. like, I can spend hours customizing MATE with its iconic old themes that never look boring to me :>

Wayland has its drawbacks like any other technology. (and so does X11)

@justsoup @pj (this is the perfect thread to be very clear that lunduke is a complete idiot)

@pj @justsoup besides, using claude because they were given api tokens for free, says a lot about principles..

@pj @justsoup some linux maintainers are also going that route now :(

@pj @justsoup already bad in itself I think.

No one is happy with age verification, in the one hand.

But in the other hand, *please* don't harass maintainers. It only makes things worse.
Don't listen to stupid people who don't know what they're talking about like lunduke.

It really does not help.

@justsoup oh of course

all this makes me a lot more reluctant about switching to systemd on my host really

@dalias @burnoutqueen

yes, I get that. I also am transgender and have been smeared by Lunduke in an episode of his podcast that he dedicated talking about how I am a transgender rabbit therian and thus it could not possibly be xlibre's own community behavior that makes people not want to deal with them.

anyway I hear a lot of talking about the law and I am also autistic as fuck so pattern recognition is something I lock into very easily.

so I notice the talking points about the law are as described by Lunduke and how his misinformation has diffused around fedi, and much less debate about what is actually in it. people copy, paste and react to talking points all day on fedi.

my point is that the aspects of the law that I bring up, nobody knows about them because none of the journalists have talked about what is actually in the law and are instead turning it into a boogeyman for clicks like Lunduke did. he just did it before everyone else.

internally in alpine we have been debating what, if anything, to do about this law for almost a month now, so it is possible that things look differently to me :)

so anyway:

1. i would put money on Linux distributions with package managers being left alone. I just don't see the risk. if anything the risk is as you say, that we are complying in advance without even being confronted.

2. some distributions which have actual app stores (e.g. elementaryOS) probably will have to comply with this somehow because they have more of the right shape. i don't think that makes them evil, to any more extent than participation in capitalism is evil by default. i would rather the trans woman running the indie distro keep her income.

3. in general I think people should calm down just a little bit and engage with these legislation attempts to protect our interests as distribution maintainers. this way we aren't caught off guard. it was surprising to see that this was not on anyone's radar. I seriously wonder where LF was here, for example.

@Khrys that's called harassment