On 28/08/2015 17:32, Laurent Bercot wrote: > On 28/08/2015 17:00, Michael Bütow wrote: >> https://tlhp.cf/lennart-poettering-su/ > > The thing is, he's not entirely wrong: su *is*, really, a > broken concept.
On a desktop system with current constraints (XDG env vars, X11 sockets...) I'd agree, but that's hardly su's fault. On a server, tough, it just does its job nicely (unless you need strict audit of root-level actions, in which case sudo with a MAC system should be your starting point). So much noise (and security-critical code) for nothing. -- Matteo Panella
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
