I will use it. I don't care what others think. People can use su, sudo, doas, run0 by their choice, and I don't see why we need a common opinion about it.
Linux
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
This. One thing Linux is about is personal freedom.
If you make users sign in too much, they will just make their passwords short and easy to remember, even 24hrs is too much and people bitch about it all the time, especially since we have password managers enforced, meaning every time they need to Auth they need to Auth into their system, Auth into their password manager, copy the password, auth into their phone, look at the 2FA code and type that in.
Doing this every day just to open email is understandably fucking enraging even to me as a security """engineer"""/analyst/${bullshitblueteamemailreaderjob}
Press it harder and they will use simple passwords that will inevitably be passed through to something external (e.g. cockpit which even I can bruteforce) or reused somewhere at some point, and then someone just has to get lucky once and run whatever run0 sudo su <reverse shell bs here>
to bypass all protections.
or reused ~~somewhere~~ everywhere ~~at some point~~ constantly
I agree with you. If i had to add my password everytime I’d just add my personal account to sudo group.
Good security works with people, not against them.
I might try run0 for fun, but I don't think it'll replace sudo any time soon.
The biggest issue I see is run0 purposely not copying any environment variables except for TERM
.
You'd have to specify which editor to use, the current directory, stuff like PATH
and HOME
every time you run a command.
Su - then
This just sounds like a a solution in search of a problem.
sudo has more than 220k lines of code, I can definitely see the use of a simpler alternative.
Prompting for every single command seems like it'd suck
Also, you can configure sudo to prompt every time if you really want.
I was on a system that was configured that way for "security", so I would just 'sudo bash' which is obviously much safer /s.
I don't know, we'll just have to see. But personally, I am not a fan of tying so many functionalities to systemd.
As it is running sudo with a long process is annoying missing and having to reenter my password or missing and the process timing out if I go afk to wait, I can't imagine having to type my password every few moments when I run an upgrade. Surely this is not the pitch. This is already looking dead in the water if so, and god help me if I have to remember to type run0.
No no no
It'll be systemctl --user enable --now systemd-run0d
I'm dead
I’m surprised they would implement having just run0 effectively log you in as root. For the super security conscious constrictions of the command versus sudo, it would seem that the very notion of elevating your privilege beyond the single command to be carried out, would be anathema to the whole goal of this new command. Evidently not, but it’s surprising to me.
I'm going to continue to keep avoiding Poettering software for as long as he continues to act like a jackass. Even his commit messages are dripping with condescension.
Funny. I didn't know a single thing about the person. But that commit message made me like him more.
Ofc assuming he was just making a light-hearted joke in it.
Users were complaining that their terminal transparency was being broken by the nspawn container and that the colour for other applications like tmux were being affected by it. For example tmux was appearing in the same navy blue in the terminal emulator instead of its usual green.
Idk he's just a hot take merchant basically. He has a particular hate-boner for distros that don't use systemd as the default init system like void and gentoo (usually these are troll tweets as opposed to commit messages though).
su is the best. I mean, i should be using the admin (root) password for admin things, not the user password of user who is already logged in. And there needs to be a root service already running to make user have root previlages which is dumb imo. Sudo vulnerability could cause previlage escalation but if there is no root process managing this, then it can't leak the root access. Only kernel security issue(or other root processes) will leak root access if that was the case, which i think is better.
At the moment, fish doesn't know what to do with run0. When that changes, I'll start using it :)
Sometimes I really hate the utility names people come up with.
I would love to see chatgpt rename all the core utils in a way that summarizes their function.
The name does do what it says & in just 4 char
I feel like this is well named (run as user 0) so then I'm wondering what else you dislike and what you think would be improvements?
The one that really annoys me is using "-r" and "-R" interchangeably for recursion. Why that has stood is beyond me.