• DefederateLemmyMl@feddit.nl
    link
    fedilink
    English
    arrow-up
    33
    arrow-down
    6
    ·
    7 months ago

    The attack surface will be a systemd daemon running with UID=0 instead, because how else are you going to hand out root privileges?

    So it doesn’t really change anything to the attack surface, it just moves it to a different location.

    • Kwdg@discuss.tchncs.de
      link
      fedilink
      arrow-up
      4
      arrow-down
      5
      ·
      7 months ago

      That already exists. systemd-run is already available today. So the attack surface would be smaller

      • DefederateLemmyMl@feddit.nl
        link
        fedilink
        English
        arrow-up
        6
        arrow-down
        1
        ·
        7 months ago

        Not really, because you’re now going to make it do more, i.e. incorporate the functionality of sudo and expose it to user input. So unless you can prove that the newly written code is somehow inherently more secure than sudo’s existing code, the attack surface is exactly the same.