Is removing setuid actually a win? I know it presents a security risk, but it fe... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		Retr0id on April 30, 2024 \| parent \| context \| favorite \| on: Run0, a systemd based alternative to sudo, announc... Is removing setuid actually a win? I know it presents a security risk, but it feels like we're not actually removing that attack surface, just moving it around.

NekkoDroid on April 30, 2024 [–]

Well... that "attack surface" isn't new, its mostly just repackaging systemd-run, which is just used to tell PID1 to launch a new process. So in total the attack surface would be reduced by removing sudo.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact