Systemd Looks to Replace sudo with run0
Systemd introduces "run0" to replace sudo in Linux. It offers secure user elevation without SUID, using a service manager for command execution. Creator Poettering aims for enhanced security and usability. Systemd 256 with run0 is on GitHub for testing.
Read original article
Systemd, a crucial init system in Linux, is introducing a new tool called "run0" to potentially replace sudo. Run0, part of the upcoming systemd 256 release, aims to provide similar functionality to sudo but without being a SUID binary. It works by querying the service manager to execute commands under the user's UID, allocating a new PTY for data transfer. Creator Lennart Poettering highlights that run0 is designed to be more secure than traditional sudo alternatives like "doas" by reducing the attack surface. Additionally, run0 will visually indicate elevated user rights by changing the background color. Despite potential challenges in adoption due to its longer command name, run0 is positioned as a viable alternative to sudo. The first release candidate for systemd 256, featuring run0, is already available on GitHub, with the final release expected to include a stable run0 experience and other improvements.
Related
Memory sealing for the GNU C Library
The GNU C Library introduces mseal() system call for enhanced security by preventing address space changes. Adhemerval Zanella's patch series adds support, improving memory manipulation protection in upcoming releases.
Is 2024 the year of Windows on the Desktop?
In 2024, the author reviews Windows 11, highlighting challenges like limited hardware support, lack of installation control, manual driver search, slow updates, and UI lag. They compare favorably to Linux distributions.
Andrew S. Tanenbaum Receives ACM Software System Award
Andrew S. Tanenbaum, known for MINIX, receives ACM Software System Award for shaping OS education and influencing Linux's design. His microkernel work continues to impact OS development globally.
Finnish startup says it can speed up any CPU by 100x
A Finnish startup, Flow Computing, introduces the Parallel Processing Unit (PPU) chip promising 100x CPU performance boost for AI and autonomous vehicles. Despite skepticism, CEO Timo Valtonen is optimistic about partnerships and industry adoption.
Start all of your commands with a comma (2009)
The article discusses creating a ~/bin/ directory in Unix to store custom commands, avoiding name collisions with system commands by prefixing custom commands with a comma. This technique ensures unique, easily accessible commands.
9 commentsAges ago people warned Lennart would start doing fuckery like this, but apparently all for nothing.
What's next? Replacing the Linux kernel because it "isn't good enough" according to mister Poettering?
Related
Memory sealing for the GNU C Library
The GNU C Library introduces mseal() system call for enhanced security by preventing address space changes. Adhemerval Zanella's patch series adds support, improving memory manipulation protection in upcoming releases.
Is 2024 the year of Windows on the Desktop?
In 2024, the author reviews Windows 11, highlighting challenges like limited hardware support, lack of installation control, manual driver search, slow updates, and UI lag. They compare favorably to Linux distributions.
Andrew S. Tanenbaum Receives ACM Software System Award
Andrew S. Tanenbaum, known for MINIX, receives ACM Software System Award for shaping OS education and influencing Linux's design. His microkernel work continues to impact OS development globally.
Finnish startup says it can speed up any CPU by 100x
A Finnish startup, Flow Computing, introduces the Parallel Processing Unit (PPU) chip promising 100x CPU performance boost for AI and autonomous vehicles. Despite skepticism, CEO Timo Valtonen is optimistic about partnerships and industry adoption.
Start all of your commands with a comma (2009)
The article discusses creating a ~/bin/ directory in Unix to store custom commands, avoiding name collisions with system commands by prefixing custom commands with a comma. This technique ensures unique, easily accessible commands.