Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mastodon.social/users/pid_eins/statuses/112353405406989110">Lennart Poettering (pid_eins@mastodon.social)'s status on Tuesday, 30-Apr-2024 21:57:17 JST</a><a href="https://mastodon.social/@pid_eins" title="pid_eins@mastodon.social"><img src="https://gnusocial.jp/avatar/92094-48-20230126121211.webp" width="48" height="48" alt="Lennart Poettering" style="position: absolute; left: 0; top: 0;">Lennart Poettering</a><div><a href="https://mastodon.social/@pid_eins/112353388561456436" rel="in-reply-to">in reply to</a></div></section><article><p>… the target user's UID. It allocates a new PTY for that, and then shovels data back and forth from the originating TTY and this PTY.</p><p>Or in other words: the target command is invoked in an isolated exec context, freshly forked off PID 1, without inheriting any context from the client (well, admittedly, we *do* propagate $TERM, but that's an explicit exception, i.e. allowlist rather than denylist).</p><p>One could say, "run0" is closer to behaviour of "ssh" than to "sudo", in many ways. Except that…</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/3017156#notice-5989776">In conversation</a><time datetime="2024-04-30T21:57:17+09:00" title="Tuesday, 30-Apr-2024 21:57:17 JST">about 7 months ago</time> <span>from <span><a href="https://mastodon.social/@pid_eins/112353405406989110" rel="external" title="Sent from mastodon.social via ActivityPub">mastodon.social</a></span></span><a href="https://mastodon.social/@pid_eins/112353405406989110">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Lennart Poettering (pid_eins@mastodon.social)'s status on Tuesday, 30-Apr-2024 21:57:17 JST Lennart Poettering
in reply to
… the target user's UID. It allocates a new PTY for that, and then shovels data back and forth from the originating TTY and this PTY.
Or in other words: the target command is invoked in an isolated exec context, freshly forked off PID 1, without inheriting any context from the client (well, admittedly, we *do* propagate $TERM, but that's an explicit exception, i.e. allowlist rather than denylist).
One could say, "run0" is closer to behaviour of "ssh" than to "sudo", in many ways. Except that…
In conversationabout 7 months ago from mastodon.socialpermalink

Public

Embed Notice

HTML Code

Corresponding Notice