this post was submitted on 20 Apr 2026
27 points (96.6% liked)

Linux and Tech News

3392 readers
42 users here now

This is where all the News about Linux and Linux adjacent things goes. We'll use some of the articles here for the show! You can watch or listen at:

You can also get involved at our forum here on Lemmy:

Or just get the most recent episode of the show here:

founded 2 years ago
MODERATORS
leo@lemmy.linuxuserspace.show
Strit@lemmy.linuxuserspace.show
27
Raspberry Pi OS ends open-door policy for sudo (www.theregister.com)
submitted 1 day ago by leo@lemmy.linuxuserspace.show to c/news@lemmy.linuxuserspace.show
4 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] adespoton@lemmy.ca 5 points 1 day ago (3 children)

Someone needs to come up with a variant of su that will let you log in to an elevated account for a fixed purpose or time… so you can kick off an elevated process chain but know that some other person or script can’t piggyback on your session to do other stuff.

Sudo always felt like a system with that sort of potential but way too large an attack surface.

[–] RiceManatee@lemmy.ca 5 points 1 day ago

It's almost like you dream of pfexec.

[–] Nomad 1 points 1 day ago

That would not work. You might reduce the time frame for an attack but any second of elevated privileges is enough to backdoor the system and let somebody in.

[–] hitmyspot@aussie.zone -2 points 1 day ago

Windows allows you to open cmd as an administrator, so all you do in that tab is as an admin. In assume something similar could don't, but obviously coukdnbe used for escalation attacks.