Also for some reason this article created a 500+ comment thread on the Orange Website where boomers complain about the authors pronouns.
i’ve literally read the code and i still can’t imagine this would actually work for anything if you don’t even authenticate your root access. or is the bit that it’s the “bottom” sudo so it just asks for access and anything you’d actually need sudo access for, to which the OS says “…no”
It’s an incredibly secure solution to root access control. Every rejection is logged as well
The key part is the exec call at the end. One of the interesting things about the exec-family of system calls in UNIX is that it replaces the current process if it succeeds. This means that the function will never return unless some error happened, so the exec method always returns an error. This will make error handling happen properly and if things fail the process will exit with a non-zero error code:
Finished release [optimized] target(s) in 0.06s
Running `target/release/🥺 ls`
Error: Os { code: 1, kind: PermissionDenied, message: "Operation not permitted" }
Every time you run it, it spits out an error
🥺 ls
:bottom-speak: :speech-l:
PermissionDenied, message: "Operation not permitted"
:speech-r: :top-use-words:
That’s because the binary needs the right permissions. If it was root + setuid it should work on Unix.
So building it with the right permissions would actually allow it to run as a sudo alternative?
lol, this is fucking hilarious. sad that i have literally zero people in my life that would understand this
