Gregory's Server@oficsu if you reduce the problem to cleaning up the env block, then you are missing pretty much everything I said in my post.
|
3 comments
 @pid_eins, I read all thread and I see 3 main points: We are leaving the first point aside (it's about trade-offs). And for the rest two, it's better to allow the kernel to manage privilege acquiring (e.g. by forwarding requests to systemd via a new kernel mechanism) and to create a clean environment during these operations. Am I still missing something? |
@pid_eins, am I right you are about plugins and complicated configuration of sudo?
While I agree with you that sudo is overengineered, I also accept it was not created out of nothing and solves some problems someone really needs to solve in a case when run0 is not enough
And leaving aside a functionality trade-off, I think both sudo and run0 (...and many others) can benefit from a some new kernel mechanism instead of manual implementation on systemd side