On Wed, Oct 19, 2016, at 06:56, Jan Mojzis wrote:
> >I read manpage on github, but did not understood, what exactly this
> > program provides. Can it replace creation system users for dropping
> > privileges?
> It's doesn't create users.
> It only drops privileges (extremesetuidgid) or sets $UID/$GID env.
> variables (extremeenvuidgid).
> For example:
> extremesetuidgid -b 100000 sleep 1
> runs command 'sleep 1' under unprivileged uid/gid (computed getpid()
> e.g. for:
> pid=10 ... uid=gid=100010
> pid=11 ... uid=gid=100011
> pid=12 ... uid=gid=100011
I am just wondering why is it called "extreme"?
It looks more like a functionality related to "exclusive" guid/uid,
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
Henrique de Moraes Holschuh <h...@debian.org>