#allsystemsgo re "A Security Model for systemd" the one little thing that really stood out for me was "WX for filesystems". how did i not think about it that way before? this makes total sense as a policy for secured immutable systems
A Security Model for systemd
https://media.ccc.de/v/all-systems-go-2025-354-a-security-model-for-systemdLinux lacks a coherent security model, and by extension we never defined one for t...YouTube