That makes one more lie. Who keeps the count? Maybe five or six within a
week? Here is the bottom line on this vulnerability (which ended up not being
one):
Upon investigating this issue, the Red Hat Security Response Team has
determined that this is not a vulnerability. The ability to specify a desired
role when connecting to OpenSSH is a feature of how OpenSSH interacts with
SELinux. Users can only assign themselves SELinux roles which they have
permission to access. They cannot assign themselves arbitrary roles.
http://www.cvedetails.com/cve/CVE-2008-3234/
Even if there was a real vulnerability, it would be an OpenSSH's bug
(introduced by its developers), not a SELinux's bug. And, of course, one
would expect some evidence that it was "created with the explicit intention
to create holes". Anyway, it was not even a vulnerability.
What about the "similar concerns [that] have been raised with systemd"? Well,
let us see if HuangLao gives us any reference. Since he never gives any and
only piles up lies, I do not hold my breath.
