Hello,
Davis
I've been tasked to take a large application mostly written in C which had previously always run as root and now run it under dynamic user.
My goal is to follow the "principle of least privilege" and figure out all the necessary individual privileges I need to provide so that it continues to work normally as before.
I'm sure I can use a trial and error approach that would involve running the unprivileged application, inspecting error, granting needed privilege, rinse, wash and repeat until all errors are resolved
but I'm wondering if there is a more systematic approach that involves inspecting the code base and figuring out all needed privileges needed to get the application to work properly?
Thank you,
Davis
_______________________________________________ systemd-devel mailing list systemd-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/systemd-devel
