[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#841113: ITP: extremetools -- tools for running processes under extreme uid and gid

On Wed, Oct 19, 2016, at 06:56, Jan Mojzis wrote:
> >I read manpage on github, but did not understood, what exactly this
> > program provides.  Can it replace creation system users for dropping
> > privileges?
> It's doesn't create users.
> It only drops privileges (extremesetuidgid) or sets $UID/$GID env.
> variables (extremeenvuidgid).
> For example:
> extremesetuidgid -b 100000 sleep 1
> runs command 'sleep 1' under unprivileged uid/gid (computed getpid()
> +100000) 
> e.g. for:
> pid=10 ... uid=gid=100010
> pid=11 ... uid=gid=100011
> pid=12 ... uid=gid=100011

I am just wondering why is it called "extreme"?

It looks more like a functionality related to "exclusive" guid/uid,

  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique de Moraes Holschuh <hmh@debian.org>

Reply to: