run0 Command: An Alternative to sudo – What We Know So Far

The systemd project continues to revolutionize the Linux ecosystem with its latest addition: the run0 command.

Announced recently by systemd lead developer Lennart Poettering, run0 promises to reshape how we handle administrative tasks by offering a new, sudo-like utility.

Unlike its predecessors, run0 introduces unique features that set it apart, potentially transforming how users interact with privileged commands.

A Closer Look at run0

The run0 command is a new addition to the systemd toolset, although it builds on an existing systemd-run tool.

The key difference lies in how run0 operates: when invoked through a symlink under the name “run0,” it behaves as a sudo clone, offering a streamlined way to execute commands with elevated privileges.

However, run0 diverges from traditional sudo usage in several significant ways.

No SUID Needed

One of the most notable features of run0 is its approach to security. Unlike sudo, run0 is not SUID-enabled.

Instead, it works directly with the service manager to invoke a command or shell under the desired user’s UID. This innovative design avoids potential security vulnerabilities associated with SUID binaries.

The command allocates a new PTY (pseudo-terminal) for each session, shoveling data back and forth between the originating TTY and the new PTY.

Isolated Execution Context

Another key difference between run0 and sudo is how the former runs commands.

With run0, commands are invoked in a newly forked-off execution context, directly from PID 1. This approach ensures that commands do not inherit any context from the client, except for an explicit allowlist, such as the propagation of the $TERM variable.

Visual Indicators

To make using run0 more intuitive, the command provides a visual cue when operating with elevated privileges.

By default, run0 tints the terminal background with a reddish tone, serving as a reminder that elevated privileges are active. This tint also helps to distinguish output generated by commands run with privileges, adding an extra layer of clarity and security to administrative tasks.

Comparisons to ssh and sudo

Poettering has noted that, in some ways, run0‘s behavior is closer to ssh than sudo. This comparison highlights run0‘s design focus on isolation and security.

While sudo allows for direct execution of commands with root privileges, run0‘s PTY allocation and isolated context create a more secure execution environment, resembling ssh’s approach to remote command execution.

Future Implications

As systemd continues to evolve, run0 is poised to play a pivotal role in Linux system administration. Its innovative design and focus on security make it an exciting addition to the systemd ecosystem. With features like isolated execution, visual indicators, and a secure PTY-based design, run0 offers a fresh take on handling privileged tasks.

For those interested in trying it out, systemd’s run0 will be available in systemd version 256, and further commentary from Poettering can be found on Mastodon.social.

The post run0 Command: An Alternative to sudo – What We Know So Far appeared first on Hongkiat.

Leave a Reply

Your email address will not be published.