#capsudo 0.1.1 has been released!

https://distfiles.ariadne.space/capsudo/capsudo-0.1.1.tar.xz

If you are on Alpine edge and have testing packages enabled, you can install capsudo from there and then start the capsudo service.

If you want password authentication, use the capsudo-pwauth service, which will challenge the capsudo client to provide your password; otherwise, there is no authentication at all.

the tl;dr: capsudo is essentially sudo, but done with object capabilities instead of an SUID binary.

My blog last month explains the theory side of it and how you can use object capabilities to stitch all sorts of interesting things together without the need of a complex policy engine.

Part 2 of the series will land sometime this weekend... and then finally after that we will get to the chapter the Hacker News and Lobsters people wanted to skip to after that.

If someone wants to send me the bits to make this all work with systemd, that would also be great, but as I don't use systemd, I would have to otherwise guess.

next stream will be tomorrow, we will be hacking on #capsudo!

i was thinking about streaming today, but i'm not in the mood given current events

Rethinking sudo with object capabilities

I hate sudo with a passion. It represents everything I find offensive about the modern Unix security model:

- like su, it must be a SUID binary to work
- it is monolithic: everything sudo does runs as root, there is no privilege separation
- it uses a non-declarative and non-hierarchical configuration format leading to forests of complex access-control policies and user errors due to lack of concision
- it supports plugins to extend the policy engine which run directly in the privileged SUID process

I could go on, but hopefully you get the point.