There is no such API on Linux, it is accomplished by sudo having the setuid bit set, which instructs the kernel to start it as root regardless of the current user. It's probably one of the worst legacy designs still in use - if any binary has setuid set, it runs as root, no questions asked. Conversely, you also have no way of elevating privileges for a running binary. This really should have been solved decades ago with a robust API for authentication and authorisation of running processes to gain and lose privileges, like what Windows has. Having a filesystem bit grant root privileges to a program is insane. There are probably a dozen CVEs waiting to be discovered with silently corrupting the filesystem and setting that bit on your binary.


> if any binary has setuid set, it runs as root

More precisely, it runs as the file owner. Which is often root.


For anyone thinking this is unnecessarily pedantic, it’s not.

I didn’t exactly know what setuid did. I learned something today. :)


You might also research what the setgid bit on directories does, it's useful sometimes.
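Added example (not code from any commenter): a small Python audit that walks a directory tree without following symlinks and explains each setuid/setgid bit the way the two comments above do, i.e. a setuid executable runs as its owner (root only when the owner is root) and a setgid directory makes new entries inherit its group. The temp-directory tree and the file names `helper`/`plain` are constructed for the demo.

```python
import os
import stat
import tempfile

def classify(mode: int, uid: int, gid: int) -> list[str]:
    """Explain what the setuid/setgid bits on one inode mean.

    setuid on an executable: runs with the file OWNER's uid, not "root".
    setgid on an executable: runs with the file's gid.
    setgid on a directory: new entries inherit the directory's gid.
    """
    notes = []
    if stat.S_ISDIR(mode):
        if mode & stat.S_ISGID:
            notes.append(f"setgid dir: new files inherit gid {gid}")
        return notes
    if mode & stat.S_ISUID:
        who = "root" if uid == 0 else f"uid {uid}"
        notes.append(f"setuid: executes as {who}")
    if mode & stat.S_ISGID:
        notes.append(f"setgid: executes with gid {gid}")
    if notes and mode & stat.S_IWOTH:
        notes.append("WORLD-WRITABLE: anyone can replace the privileged file")
    return notes

def audit(root: str) -> dict[str, list[str]]:
    """Return {path: notes} for every setuid/setgid file or directory under root."""
    findings = {}
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: never report a symlink's target
            if stat.S_ISLNK(st.st_mode):
                continue
            notes = classify(st.st_mode, st.st_uid, st.st_gid)
            if notes:
                findings[path] = notes
    return findings

def demo() -> dict[str, list[str]]:
    """Constructed tree: one setuid file owned by the current user (so it would
    run as THIS user, not root) and one plain file; returns audit by basename."""
    with tempfile.TemporaryDirectory() as tmp:
        priv, plain = os.path.join(tmp, "helper"), os.path.join(tmp, "plain")
        for p in (priv, plain):
            open(p, "w").close()
        os.chmod(priv, 0o4755)   # u+s, the bit sudo relies on
        os.chmod(plain, 0o755)
        return {os.path.basename(k): v for k, v in audit(tmp).items()}
```

Run `audit("/usr/bin")` on a real system to see which binaries actually gain root versus some other owner.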


There's been some work on alternatives to setuid sudo. For example run0 from systemd.