The real magic word - sh.itjust.works

Systemd v256 Introduces run0: A Safer Alternative to sudo

Lennart Poettering reveals run0 in systemd v256, a fresh take on secure privilege escalation, aiming to phase out traditional SUID binaries.

Linuxiac

I don’t know enough about IT security to understand this.

Does that mean that run0 puts programs in some form of sandbox? What’s the difference now to sudo?

Sudo is a setuid binary, which means it executes with root permissions as a child of the calling process. This technically works, but gives the untrusted process a lot of ways to mess with sudo and potentially exploit it for unauthorized access.

Run0 works by having a system service always running in the background as root. Running a command just sends a message to the already running service. This leaves a lot less room for exploits.
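Added example, not part of the thread above and not code from sudo or systemd: a small C program that reports the execution context any program, a setuid one included, receives from whoever launched it (environment, open descriptors, umask, resource limits, working directory). This is the caller-controlled state a setuid binary has to sanitize, while a command started by a background service takes its context from that service. The helper names are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/resource.h>
#include <sys/stat.h>
#include <unistd.h>

extern char **environ;

/* Environment variables handed over by the caller (hypothetical helper). */
int inherited_env_count(void) {
    int n = 0;
    for (char **e = environ; e && *e; e++) n++;
    return n;
}

/* Descriptors below `limit` that were left open across execve(). */
int inherited_fd_count(int limit) {
    int n = 0;
    for (int fd = 0; fd < limit; fd++)
        if (fcntl(fd, F_GETFD) != -1) n++;
    return n;
}

/* 1 when real and effective IDs differ, as in a setuid/setgid launch. */
int runs_setid(void) {
    return getuid() != geteuid() || getgid() != getegid();
}

int main(void) {
    struct rlimit nofile;
    char cwd[4096];
    mode_t mask = umask(0);  /* umask can only be read by setting it */
    umask(mask);             /* restore the caller's value immediately */
    if (getrlimit(RLIMIT_NOFILE, &nofile) != 0) nofile.rlim_cur = 0;

    printf("setid execution:       %s\n", runs_setid() ? "yes" : "no");
    printf("environment variables: %d\n", inherited_env_count());
    printf("open descriptors:      %d\n", inherited_fd_count(256));
    printf("umask:                 %03o\n", (unsigned)mask);
    printf("RLIMIT_NOFILE (soft):  %llu\n", (unsigned long long)nofile.rlim_cur);
    printf("working directory:     %s\n", getcwd(cwd, sizeof cwd) ? cwd : "?");
    return 0;
}
```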