Hi there,

in the light of the recent xz attack I was wondering whether we should also reduce our library dependencies by no longer using sd_notify() in mod_systemd (thus loading libsystemd and all of its dependencies), but instead taking the approach to hard-code sd_notify functionality.

I guess the Linux distributors who patched sshd to use libsystemd for notification are on their way to do the same for their sshd patches, so we might soon get an idea how to do that properly.

This is not meant to become part of our next release (this week), but hopefully we can manage to code it for the next one.

WDYT: does this make sense?

A little bit of technical background is contained in

https://news.ycombinator.com/item?id=39867126

Best regards,

Rainer
