[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: "su is really a broken concept"

Lennart Poettering (https://github.com/systemd/systemd/issues/825#issuecomment-127917622):

Long story short:  su is really a broken concept.

Christian Seiler:

So it's not like su is suddenly broken - it's just that some specific new use cases don't work properly with it.

A fair number of people got their backs up for the very reason that su was described as "broken". One could, of course ask whether in fact it is the XDG Base Directory Specification (http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html) that is the broken concept, for incorporating the notion of the only way that one reaches the point of running as any given user account being login. ("the user being logged in ... the user first logs in ... the user fully logs out ... the user logs in more than once ... first login ... last logout ... a full logout/login cycle") Design a mechanism that at its foundation and throughout takes no account of adding other user account privileges into a login session with su, or indeed that processes wanting to create "runtime" files might be set-UID, and of course it will conflict.

Reply to: