• frezik@midwest.social
    link
    fedilink
    arrow-up
    10
    ·
    edit-2
    5 months ago

    When you log in to an ssh terminal for a shell, it has to launch the shell process as the desired user. Needs to be root to do that.

    SSH has been around a long time. It’s not perfect, but it’s mostly validated. Anything new won’t have that history.

    • Possibly linux
      link
      fedilink
      English
      arrow-up
      1
      ·
      5 months ago

      Can’t it use built in OS mechanisms for that? Surely you could figure out a way to only give it permissions it needs. Maybe break it up into two separate processes.

      • Sethayy@sh.itjust.works
        link
        fedilink
        arrow-up
        1
        ·
        5 months ago

        That just sounds like root with extra steps (trying to implement OS security policies in a remote terminal utility)