←back to thread

Run0, a systemd based alternative to sudo, announced

(mastodon.social)
466 points CoolCold | 1 comments | 29 Apr 24 23:59 UTC | HN request time: 0.208s | source
Show context
pmlnr ◴[30 Apr 24 06:14 UTC] No.40207739[source]
> The developer talks about the weaknesses of sudo, and how it has a large possible attack surface

Poettering's hypocrisy is painful.

replies(2): >>40207851 #>>40215571 #
mort96 ◴[30 Apr 24 06:30 UTC] No.40207851[source]
Is it? Does systemd's sudo replacement also have a lot of complex code running as root in a suid binary?

Because that's what he's complaining about

replies(3): >>40207883 #>>40208574 #>>40208584 #
jpollock ◴[30 Apr 24 06:35 UTC] No.40207883[source]
People blame systemd for making the liblzma problem larger than it should have been.

https://marc.info/?l=openbsd-misc&m=171227941117852&w=2

"Liblzma ends up dynamically linked to sshd because of a systemd-related extension added by many Linux packagers that pulls in liblzma as an unrelated dependency."

https://news.ycombinator.com/item?id=39866076

"openssh does not directly use liblzma. However debian and several other distributions patch openssh to support systemd notification, and libsystemd does depend on lzma."

replies(3): >>40207931 #>>40207948 #>>40208269 #
1. ◴[30 Apr 24 06:42 UTC] No.40207931[source]