Author: Laurent Bercot Date: To: dng Subject: Re: [DNG] [announce] s6-rc,
a s6-based service manager for Unix systems
On 24/09/2015 21:23, Steve Litt wrote: > What's the benefit of having the shortest run-time code path of any
> service manager?
- Speed: a short run-time code path means that less instructions are
executed, so the job is done faster. The point is to do the amount
of necessary work (calling the scripts, starting the services) with
as little overhead as possible.
- Safety: less run-time code means less places where things can
go wrong. At this low level, it's not always possible to recover
when something goes wrong; you want to perform as few instructions
as possible in such a place.
- Security: less code means less attack surface. A service manager
usually runs as root, so it needs to be trusted code. By minimizing
the amount of code run as root, you minimize the risk of exploitable
security holes.
- Maintainability/QA: it's easier to debug a piece of code / ensure
it works properly when said piece of code is not all over the place.
A bug in the s6-rc engine happens within 20 kB of code, which should
make it easier to narrow down than a bug in systemd, or even in OpenRC.