←back to thread

Run0, a systemd based alternative to sudo, announced

(mastodon.social)
466 points CoolCold | 3 comments | 29 Apr 24 23:59 UTC | HN request time: 0.787s | source
Show context
airocker ◴[30 Apr 24 20:21 UTC] No.40215819[source]
I have seldom come across unix multiuser environments getting used anymore for servers. Its generally just one user on one physical machine now a days. I understand run0's promise is still useful but i would really like to see the whole unix permission system simplified for just one user who has sudo access.
replies(17): >>40215898 #>>40216049 #>>40216052 #>>40216221 #>>40216591 #>>40216746 #>>40216794 #>>40216847 #>>40217413 #>>40217462 #>>40218411 #>>40219644 #>>40219888 #>>40220264 #>>40221109 #>>40223012 #>>40225619 #
gnufx ◴[30 Apr 24 20:39 UTC] No.40216052[source]
Visit the research computing environment sometime, for instance. The libzma SSH compromise was considered very worrying, after all.
replies(1): >>40216399 #
1. richardwhiuk ◴[30 Apr 24 21:10 UTC] No.40216399[source]
That didn't need multi-users.
replies(1): >>40229087 #
2. gnufx ◴[01 May 24 20:40 UTC] No.40229087[source]
No, but that's the case I've overwhelmingly seen over the decades. Anyway, are you going to redesign ssh not to require a user, for instance? I assume you wouldn't want sshd running as the putative single user.

[I'm all for replacing notions of privileges/permissions with capabilities.]

replies(1): >>40236596 #
3. richardwhiuk ◴[02 May 24 14:17 UTC] No.40236596[source]
Yes, i'd rather that the sshd daemon ran with a restricted set of capabilities.