
466 points CoolCold | 1 comments
gnufx ◴[] No.40215962[source]
In fact, if factotum were implemented on Unix along with an analogue to the Plan 9 capability device, venerable programs like su and login would no longer need to be installed "setuid root." — https://plan9.io/sys/doc/auth.html
opless ◴[] No.40220059[source]
Plan9port has factotum.

Plan9 has a completely different security model.

The Hostowner (usually Glenda) is essentially "root" and you're at the mercy of the filesystem regarding file privileges etc.

AFAIK there is no way to "become" glenda.

1. opless ◴[] No.40220096[source]
In fact, according to sys/src/cmd/auth/login.c it looks like once you've logged in, you can shut the door using the capability device, so then it's game over, no more hostowner for you.