"run0" as a sudo replacement

by
corbet
from LWN.net on (#6MF3X)
ThisMastodon stream from Lennart Poettering describes a sudoreplacement - called run0 - that will be part of the upcomingsystemd 256 release. It takes a rather different approach to the executionof privileged commands, avoiding the use of setuid (which he calls "SUID")permissions entirely.

So, in my ideal world, we'd have an OS entirely without SUID. Let'sthrow out the concept of SUID on the dump of UNIX' bad ideas. Anexecution context for privileged code that is half under thecontrol of unprivileged code and that needs careful manual clean-upis just not how security engineering should be done in 2024anymore.
External Content
Source RSS or Atom Feed
Feed Location http://lwn.net/headlines/rss
Feed Title LWN.net
Feed Link https://lwn.net/
Reply 0 comments