(mastodon.social)

466 points CoolCold | 1 comments | 29 Apr 24 23:59 UTC | HN request time: 0.202s | source

Show context

segasaturn ◴[30 Apr 24 16:19 UTC] No.40212733[source]▶

>>40205714 (OP) #

I asked this in a thread about this from last night and didn't get a reply. For context, the way "run0" works is to apparently send a signal to polkit that requests a command under the root user's ID and permissions, thereby getting a privileged shell without SUID:

> How hard would it be to create a program to send a signal to polkit "impersonating" run0 and obtain a root shell without entering a password?

Anybody know how this is being authenticated?

replies(2): >>40212982 #>>40214434 #

1. thayne ◴[30 Apr 24 18:29 UTC] No.40214434[source]▶

>>40212733 #

I would assume the authentication happens in polkit, so a fake client would only be able to run a command if it had the necessary credentials.

↑

Run0, a systemd based alternative to sudo, announced