On Wed, Oct 19, 2016 at 09:33:14AM -0200, Henrique de Moraes Holschuh wrote:
> On Wed, Oct 19, 2016, at 06:56, Jan Mojzis wrote:
> > >I read manpage on github, but did not understood, what exactly this
> > > program provides. Can it replace creation system users for dropping
> > > privileges?
> > It's doesn't create users.
> > It only drops privileges (extremesetuidgid) or sets $UID/$GID env.
> > variables (extremeenvuidgid).
> > For example:
> > extremesetuidgid -b 100000 sleep 1
> > runs command 'sleep 1' under unprivileged uid/gid (computed getpid()
> > +100000)
> > e.g. for:
> > pid=10 ... uid=gid=100010
> > pid=11 ... uid=gid=100011
> > pid=12 ... uid=gid=100011
> I am just wondering why is it called "extreme"?
This sounds like a hack from ~ 20 years ago when people realized that
running several programs at the same time as nobody does not isolate
them from each other.
Much better solutions for restricting what a process can or cannot do
are now available.
> It looks more like a functionality related to "exclusive" guid/uid,
20 years ago such a hack would at least have ensured that every process
has a unique uid.
Even this is no longer true.
tinysshd  is another worrisome example.
Writing an own "tiny" sshd from scratch, and the result is not even
smaller than the dropbear everyone else uses for that purpose.
To make the NIH complete, it uses own versions of standard C library
string functions and an own (pretty primitive) build system.
 thank god only in experimental so far
"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed