Rethinking sudo with object capabilities

Alpine Linux maintainer Ariadne Conill has published a very interesting blog post about the shortcomings of both sudo and doas, and offers a potential different way of achieving the same goals as those tools.

Systems built around identity-based access control tend to rely on ambient authority: policy is centralized and errors in the policy con

https://www.osnews.com/story/144017/rethinking-sudo-with-object-capabilities/

#PrivacySecurity

@osnews What is being described here can also be accomplished with doas and (I suspect) sudo. The approach is a little different, but the effect is the same with similar benefits and possible dangers.

For example, with doas, to allow the user to mount only one specific device the configuration line would simply be:

"permit user as root cmd mount args /dev/sdc"

@distrowatch @osnews This sounds an awful lot like PolicyKit. What am I missing?

@distrowatch @osnews That requires the delegating user to be able to edit the sudoers policy, though.

@talex5 @osnews Obviously, yes. The admin (or whoever is giving out permissions) always needs to be able to set access for other users. The root user has access to everything on the system, including sudo/doas policy.