"run0" as a sudo replacement
Date:
Tue, 30 Apr 2024 14:01:29 +0000
Description:
This
Mastodon stream from Lennart Poettering describes a sudo replacement called run0 that will be part of the upcoming
systemd 256 release. It takes a rather different approach to the execution
of privileged commands, avoiding the use of setuid (which he calls "SUID") permissions entirely. So, in my ideal world, we'd have an OS entirely without SUID. Let's
throw out the concept of SUID on the dump of UNIX' bad ideas. An
execution context for privileged code that is half under the
control of unprivileged code and that needs careful manual clean-up
is just not how security engineering should be done in 2024
anymore.
======================================================================
Link to news story:
https://lwn.net/Articles/971745/
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)