←back to thread

Run0, a systemd based alternative to sudo, announced

(mastodon.social)
466 points CoolCold | 1 comments | 29 Apr 24 23:59 UTC | HN request time: 0s | source
Show context
pmlnr ◴[30 Apr 24 06:14 UTC] No.40207739[source]
> The developer talks about the weaknesses of sudo, and how it has a large possible attack surface

Poettering's hypocrisy is painful.

replies(2): >>40207851 #>>40215571 #
mort96 ◴[30 Apr 24 06:30 UTC] No.40207851[source]
Is it? Does systemd's sudo replacement also have a lot of complex code running as root in a suid binary?

Because that's what he's complaining about

replies(3): >>40207883 #>>40208574 #>>40208584 #
jpollock ◴[30 Apr 24 06:35 UTC] No.40207883[source]
People blame systemd for making the liblzma problem larger than it should have been.

https://marc.info/?l=openbsd-misc&m=171227941117852&w=2

"Liblzma ends up dynamically linked to sshd because of a systemd-related extension added by many Linux packagers that pulls in liblzma as an unrelated dependency."

https://news.ycombinator.com/item?id=39866076

"openssh does not directly use liblzma. However debian and several other distributions patch openssh to support systemd notification, and libsystemd does depend on lzma."

replies(3): >>40207931 #>>40207948 #>>40208269 #
deng ◴[30 Apr 24 06:46 UTC] No.40207948{3}[source]
So that's your best shot against systemd?

- Linux packagers decide to patch sshd to use libsystemd for a notification, that could have been trivially done without this library.

- libsystemd depends on libzlma

- libzlma depends on xz

And therefore, systemd is insecure?

And what does this have to do with the fact that SUID is a terrible idea that needs to go?

replies(3): >>40208009 #>>40208035 #>>40208416 #
tgv ◴[30 Apr 24 07:03 UTC] No.40208035{4}[source]
First, getting rid of setuid (I guess you'd have to get rid of the whole thing, not just the permission bit) is not the same as making systemd an integral part of the OS.

Second, when even the package maintainers can make such "trivial" mistakes, something is wrong. You'd expect a component such as systemd to be much more trustworthy than some random library.

I'm not arguing against systemd, just that it seems to grow and grow, and is not the correct place for security. It security is obviously broken.

replies(3): >>40208200 #>>40208305 #>>40209404 #
1. jononor ◴[30 Apr 24 07:51 UTC] No.40208305{5}[source]
Package maintainers of a distro can do absolutely anything to a package. With zero input from upstream developers. Some distros have more tradition for patching software than others. An upstream like systemd (or openssh) can hardly be blamed for what others do with their software.