First of all, I like the idea. But I have questions.
What does logging look like for this?
I don't think it would be too difficult to log commands run with polkit, but is there an equivalent of sudo I/O logs? My guess is there isn't now, but to fully replace sudo it will probably need a way to record everything on the ptty it creates.
What environment variables does it forward by default? From the man page it sounds like SHELL is. What about TERM? Any others? What environment variables are set? What is PATH set to?
How are signals handled? Will a signal sent to the run0 process be propagated to the priveleged process?
What about sudoedit? How would I achieve similar functionality with run0?
What does logging look like for this?
I don't think it would be too difficult to log commands run with polkit, but is there an equivalent of sudo I/O logs? My guess is there isn't now, but to fully replace sudo it will probably need a way to record everything on the ptty it creates.
What environment variables does it forward by default? From the man page it sounds like SHELL is. What about TERM? Any others? What environment variables are set? What is PATH set to?
How are signals handled? Will a signal sent to the run0 process be propagated to the priveleged process?
What about sudoedit? How would I achieve similar functionality with run0?