(mastodon.social)

466 points CoolCold | 1 comments | 29 Apr 24 23:59 UTC | HN request time: 0.333s | source

Show context

airocker ◴[30 Apr 24 20:21 UTC] No.40215819[source]▶

>>40205714 (OP) #

I have seldom come across unix multiuser environments getting used anymore for servers. Its generally just one user on one physical machine now a days. I understand run0's promise is still useful but i would really like to see the whole unix permission system simplified for just one user who has sudo access.

replies(17): >>40215898 #>>40216049 #>>40216052 #>>40216221 #>>40216591 #>>40216746 #>>40216794 #>>40216847 #>>40217413 #>>40217462 #>>40218411 #>>40219644 #>>40219888 #>>40220264 #>>40221109 #>>40223012 #>>40225619 #

imtringued ◴[01 May 24 09:22 UTC] No.40221109[source]▶

>>40215819 #

You run everything as root or how am I supposed to understand that?

Sudo exists to execute commands with a different user. It's an abbreviation of "switch user (then) do" for a reason.

Most daemons run under a specific user. Things like docker that use a root Daemon are a security nightmare.

replies(1): >>40225955 #

1. airocker ◴[01 May 24 16:56 UTC] No.40225955[source]▶

>>40221109 #

You dont need to use docker. Containerd or just just direct cgroup manipulation: https://access.redhat.com/documentation/en-us/red_hat_enterp...

↑

Run0, a systemd based alternative to sudo, announced