The sudo password is a security theater. If untrusted code is isolated, it will be unable to run sudo (or other privilege escalation tool) at all. If untrusted code is not isolated, it has millions of ways to sniff the sudo password. This applies to both server and desktop Linux installations.

Keep your stuff sandboxed. The Evil Systemd, despite being Evil, has a set of useful options for this. Check systemd.service(5).

· · Web · 0 · 0 · 0
Sign in to participate in the conversation
Puppo Space

A general furry public instance. You don't have to be a furry to join. Any and all topics are fair game provided they do not conflict with the Code of Conduct.