this post was submitted on 10 Nov 2024
215 points (85.5% liked)

Linuxsucks

184 readers
31 users here now

Rules:

  1. FOSS advocates and Linux evangelists aren't welcome. -We ask that you block us.
  2. Moderation is heavy handed. Try to stay on topic.
  3. No Complaining Mute the sub if users, content, or rules bother you

founded 1 month ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 6 points 1 week ago (1 children)

Wouldn't it be easier to run the program as an user with restricted access...?

[–] [email protected] 1 points 1 week ago (1 children)

Not if you want to just pop it up with a single command line and close it as quickly

[–] [email protected] 2 points 1 week ago (2 children)

You could just write a small script for that? There must be something like su

[–] [email protected] 2 points 1 week ago (1 children)

Su isn't on windows, and does the exact opposite to restricting filesystem access to a specific subset

[–] [email protected] 3 points 1 week ago (1 children)

su allows you to swap to another user in shell, not just make yourself root.

'runas' looks like it'd do just the job

[–] [email protected] 2 points 1 week ago (1 children)

runas can do that, yes. Now how are you planning yo also create that user in the same command line? And to dispose of it automatically when the process ends?

[–] [email protected] 2 points 1 week ago

runas can do that, yes. But it won't make you a virtual file system, or give you a nat firewall.

One use case for this is the backblaze backup utility. It's kinda stupid in that it has an all-or-nothing approach to backups.

Putting it in a container restricts it in a much easier and reliable way than running it with a special user account.

[–] [email protected] 1 points 1 week ago

You had me right up till the end.....nice work.