Run without root privileges, except where they're specifically needed #35
Comments
This could be based on sudo/doas/etc., capabilities, polkit, etc. if the checks were compiled to their own binaries
Ah, I see there's a root helper, but on my system (Arch) it just fails to execute, with no error message, even when run as root. Personally, I'd still prefer to not have to run two things, but I guess if the helper failure is fixed, that would take care of the issue (though without the granularity offered by capabilities/polkit).
I mentioned the root helper failure in the Arch issue, so this one could be treated as an issue for making elevated permissions more granular, or could just be resolved, as you prefer.
Let's keep it, I like the idea of granular permissions.
I was thinking about this, and ca/po can be an additional layer. Currently, the systemd rules already protect the root helper from exploitation, and we can further down-limit it to specific paths. The only issue is any kind of firewall check, as that one requires kernel access. I'm looking into how to limit root access, as most of the things are readonly and actually don't require privileges.
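An added illustration of the systemd sandboxing the comment above refers to (this is not the project's own unit file): the helper keeps running as root, but sees a read-only filesystem, loses the paths it has no business reading, and keeps only the capabilities a read-only check and a firewall query need. The unit name and helper path are placeholders.

```ini
# Hardened unit for a root helper (example only; names and paths are placeholders).
# The helper stays UID 0, but everything beyond "read privileged files and
# query the firewall" is removed from it.
[Unit]
Description=Root helper for privileged read-only checks (example)

[Service]
Type=oneshot
# Placeholder path for the helper binary.
ExecStart=/usr/lib/example-checker/root-helper

# Whole filesystem read-only; most checks only read, as noted in the thread.
ProtectSystem=strict
ProtectHome=yes
PrivateTmp=yes
PrivateDevices=yes
ProtectKernelTunables=yes
ProtectKernelModules=yes
ProtectControlGroups=yes
# Hide locations the checks never need, even though the helper is root.
InaccessiblePaths=/root /boot /var/lib/machines

# Bounding set: CAP_DAC_READ_SEARCH lets root read files owned by other
# users (e.g. logs); CAP_NET_ADMIN is what an nftables/iptables query over
# netlink requires. Everything else, including CAP_SYS_ADMIN, is gone.
CapabilityBoundingSet=CAP_DAC_READ_SEARCH CAP_NET_ADMIN
AmbientCapabilities=
NoNewPrivileges=yes

# Only local sockets and netlink; no TCP/UDP from the helper.
RestrictAddressFamilies=AF_UNIX AF_NETLINK
RestrictNamespaces=yes
SystemCallFilter=@system-service
SystemCallArchitectures=native
LockPersonality=yes
MemoryDenyWriteExecute=yes
```

`systemd-analyze security <unit>` scores the resulting sandbox and lists which of these knobs are still missing; if the firewall check fails under this unit, widening only CapabilityBoundingSet and RestrictAddressFamilies is the change to test first.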
Can we restrict what runs as root to only the code that actually requires it?
This would ideally be done by