• NekkoDroid@programming.dev
    link
    fedilink
    arrow-up
    3
    ·
    6 months ago

    I don’t understand how this is any improvement over pkexec

    That has the same problem as sudo: the SUID bit is set for it.

    The fact that run0 uses polkit is more of a byproduct that this kinda authentication is already done with polkit all over the place in systemd. You can have individual subcommand accessible to different users (for example everyone can systemctl status, but systemctl reboot needs to be in the wheel group) which is why its generally used within systemd already. And it wouldn’t surprise me if again you can do it with this as well, limiting what commands can unconditionally run, need prompt or are completely blocked.