[sudo-users] Add integration with landlock
Sławomir Lach
slawek at lach.art.pl
Sun May 2 06:55:11 MDT 2021
https://landlock.io/#[1]
Landlock was merged to Linux. There is any change to add integration with it? I imagine,
there could be sudo framework to create root (or other user) process, which exactly given
rights.
How it could work?
1. User run grub2 configuration editor.
2. This editor give information it needs to create a new process with right to edit /boot/
grub2/grub.conf file
3. Some dialog like in PolicyKit was shown, describing needed privileges
4. User provide root password and accept
5. Sudo create a new process with needed rights and communication channel with our
editor
6. User accept changes
7. Editor send request to newly created process
8. Process saves changes
9. Child and parent process exit
There could be more enhancement, like manual page integration to shown descriptions
of files app request to have access, etc.
--------
[1] https://landlock.io/#
More information about the sudo-users
mailing list