rootless execution

[cvengler]

As far as I know, we only require root privileges for the cgroup part. It would be awesome if these privileges could be dropped somehow in order to avoid an escalation. The traditional UNIX approach would be a call to setresuid(2) and setresgid(2), although the Linux capabilities feature may look promising as well.

[cvengler]

My current investigation is, that we probably do not even need any sort of capabilities. We just need to "downgrade" the root user to a normal one (in terms of capabilities), because the a DAC override is not required (because the root cgorup is owned by the root user anyway).

Well, but that wouldn't be rootless execution. It would be a less root one 😋

[sevenautumns]

Rootless execution should already be achievable through systemd-run --user --scope instead of sudo

[dadada]

The binary is not setuid. Unless anyone runs it with root (not recommended), this should not be an issue. But we should probably drop capabilities that we don't need, even within the user-slice.