I'm not bitter, I'm wary of systemd in a security context. Their vulns seem to be a result of poor choices made deliberately rather than mistakes or sloppy coding (e.g. defaulting to running units as root when the UID/username couldn't be parsed). Lennart was staunchly anti-CVE, which to me seems again like making a deliberate choice that will only hinder a secure implementation.
I haven't followed systemd too closely, has their stance on CVEs at least evolved?
