Skip to content
DevMeme
5279 of 7435
Expanding-brain meme escalating from sudo to always logging in as root
CLI Post #5790, on Jan 9, 2024 in TG

Expanding-brain meme escalating from sudo to always logging in as root

Description

Four-panel expanding-brain meme. Panel 1 shows a dim X-ray style head with a small brain beside the bold text “sudo.” Panel 2 shows a brighter, sparkly brain with the label “doas.” Panel 3 adds a more radiant brain and a black chat overlay that reads: “RepresentativeCut486 35m 🟢 Neon Genesis Evangellion - just run everything as root.” Panel 4 depicts a galaxy-like, fully lit brain with another chat overlay: “pipe_heart_dev_null Now - Don’t even create another user. Just be root.” The visual joke satirically portrays increasingly “enlightened” approaches to privilege escalation, moving from sensible least-privilege commands to the reckless security anti-pattern of working exclusively as the root user, a common topic in *nix CLI and sysadmin circles

Comments

28
Anonymous ★ Top Pick Enterprise security evolution: sudo, doas, ssh root@prod, and finally the cosmic epiphany - stick it in a Docker container, run as root, and tell the auditors “namespace isolation is least-privilege.”
  1. Anonymous ★ Top Pick

    Enterprise security evolution: sudo, doas, ssh root@prod, and finally the cosmic epiphany - stick it in a Docker container, run as root, and tell the auditors “namespace isolation is least-privilege.”

  2. Anonymous

    After 20 years of explaining why running as root is bad, you realize the real vulnerability was the users we created along the way - because they'll just sudo everything anyway without reading the warnings

  3. Anonymous

    The evolution from sudo to 'just be root' perfectly captures that moment in every sysadmin's career where you realize the intern who's been running production containers as UID 0 hasn't had a single permission issue... because they've eliminated the entire concept of security boundaries. It's the systems administration equivalent of solving race conditions by wrapping everything in a global mutex - technically it works, but you've just traded one class of problems for a catastrophic single point of failure

  4. Anonymous

    Privilege escalation roadmap: sudo → doas → run as root → securityContext: privileged; rebrand it as “platform enablement” and schedule the root cause analysis for Q4

  5. Anonymous

    Privileged: true is the cloud-native spelling of 'just be root'

  6. Anonymous

    Sudo for architects drafting RBAC; doas for purists shaving cycles; root for the SRE who knows one breached container owns it all anyway

  7. @ffngs 2y

    Just be yourself

  8. @Sp1cyP3pp3r 2y

    I'm happy go lucky not knowing what these words mean 😃

    1. @BigLongNow 2y

      Never used linux?

      1. @glatavento 2y

        or always be root

        1. @ZgGPuo8dZef58K6hxxGVj3Z2 2y

          Just be ring 0 without an OS

      2. @Sp1cyP3pp3r 2y

        Thank god I didn't

      3. @ercolebellucci 2y

        Even someone like me used linux for that few occasion

  9. @ZgGPuo8dZef58K6hxxGVj3Z2 2y

    Wait you can add another user to root?

  10. @ZgGPuo8dZef58K6hxxGVj3Z2 2y

    I normally run everything in the kernel /s

  11. @L33TGraceful 2y

    Whats wrong with being root? U just have to patch vlc so it does not complain that its running as root but everything else is fine. I mean u own ur system, not systemd or something, why would u limit urself in what u can do w ur system and then use a random crutch software to do something u cant normally do?

    1. @ZgGPuo8dZef58K6hxxGVj3Z2 2y

      Yeah man it’s annoying that chrome refuses to run as root too! /s💀💀💀

      1. @L33TGraceful 2y

        --no-sandbox

        1. @ZgGPuo8dZef58K6hxxGVj3Z2 2y

          Jesus💀💀💀💀

    2. @SamsonovAnton 2y

      Thunar (Xfce file manager) is also crazy about being root. Such programs must have been written by complete idiots, as every other program benefits from root privileges! 🤪

      1. @L33TGraceful 2y

        Pcmanfm-qt (file manager from lxqt) also shows permanent red strip when running as root, and kde-apps/dolphin also shows warning, but these are really easy to patch, you just search src/ for "running as root" and remove that if() statement

        1. @ahmubashshir 2y

          or invert the boolean in if.... thus showing warning when not running as root

  12. @L33TGraceful 2y

    But whats funnier to run hyprland as root the flag is --i-am-really-stupid

    1. @ZgGPuo8dZef58K6hxxGVj3Z2 2y

      💀💀😂😂😂

  13. @Hangeranto_sneedturiei_1987 2y

    doas is cope unless you are using bsd

    1. @desrevereman 2y

      I like it

      1. @Hangeranto_sneedturiei_1987 2y

        but you cant trust either of the maintainers who port doas to Linux worse idea than using sudo

  14. @Br1ket 2y

    Run everything from kernel cmdline

Use J and K for navigation