Programmer Humor

42317 readers

348 users here now

Post funny things about programming here! (Or just rant about your favourite programming language.)

Rules:

Posts must be relevant to programming, programmers, or computer science.
No NSFW content.
Jokes must be in good taste. No hate speech, bigotry, etc.

founded 6 years ago

MODERATORS

cat_programmer@lemmy.ml

AgreeableLandscape@lemmy.ml

166

Life finds a way (lemmy.ml)

submitted 2 days ago by yogthos@lemmy.ml to c/programmerhumor@lemmy.ml

32 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] melmi@lemmy.blahaj.zone 1 points 1 day ago (1 children)

This works if you trust every program you run with silent root privileges. Sure, don't run untrusted code in general, but I think it's generally good practice to lock down root privileges as much as possible. Layered security and all that.

[–] MangoCats@feddit.it 1 points 1 day ago

Not silent, the passwordless sudo calls are logged and available for review. I do trust that after several months in a sandbox without calling sudo, it's unlikely that a sleeper agent will awaken and call sudo out of the blue - more likely that my apps that have been calling sudo will do something nefarious on the 1000th access...

Somebody (possibly an AI agent...) could/should automate the process of transcribing the sudo logs to the NOPASSWD setup, just leave sudo unlocked for those things that show up as needing it during validation test runs and turn the sudo lock back on for everything else.