Re: "su is really a broken concept"
You're probably right, Jonathan. "Su" is so common that it easy to make that error. After looking at the current POSIX list, I did not find it. Thank you for pointing that out. Be well! T.J. On Wed, Sep 2, 2015 at 10:55 PM, Jonathan de Boyne Pollard < j.deboynepollard-newsgro...@ntlworld.com> wrote: > T.J. Duchene: > >> If someone can do it better, and still keep it compatible with POSIX, >> more power to them. >> > > This is not the first place where someone has randomly thrown POSIX into > the discussion. "su" is outwith the scope of the POSIX standard. It's in > the SVID, but to my knowledge "su" never made into POSIX. The SUS mentions > it in passing under setuid() as a non-conformant application. > >
Re: "su is really a broken concept"
T.J. Duchene: If someone can do it better, and still keep it compatible with POSIX, more power to them. This is not the first place where someone has randomly thrown POSIX into the discussion. "su" is outwith the scope of the POSIX standard. It's in the SVID, but to my knowledge "su" never made into POSIX. The SUS mentions it in passing under setuid() as a non-conformant application.
Re: "su is really a broken concept"
On Tue, 2015-09-01 at 01:25 +0100, Jonathan de Boyne Pollard wrote: > Lennart Poettering > (https://github.com/systemd/systemd/issues/825#issuecomment-127917622): > > > Long story short: su is really a broken concept. > > > > Christian Seiler: > > > > So it's not like su is suddenly broken - it's just that some specific > > new use cases don't work properly with it. > > I don't think so. It is what it is. If someone can do it better, and still keep it compatible with POSIX, more power to them. Just let the rest of us chose which we want. That is the open way. T.J.
Re: "su is really a broken concept"
Lennart Poettering (https://github.com/systemd/systemd/issues/825#issuecomment-127917622): Long story short: su is really a broken concept. Christian Seiler: So it's not like su is suddenly broken - it's just that some specific new use cases don't work properly with it. A fair number of people got their backs up for the very reason that su was described as "broken". One could, of course ask whether in fact it is the XDG Base Directory Specification (http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html) that is the broken concept, for incorporating the notion of the only way that one reaches the point of running as any given user account being login. ("the user being logged in ... the user first logs in ... the user fully logs out ... the user logs in more than once ... first login ... last logout ... a full logout/login cycle") Design a mechanism that at its foundation and throughout takes no account of adding other user account privileges into a login session with su, or indeed that processes wanting to create "runtime" files might be set-UID, and of course it will conflict.