Script to run everything as 'spot'
Posted: Sun 02 Jun 2013, 17:14
Puppy introduced the concept of "run-as-spot", whereby an application run as the user 'spot' despite the fact that the logged-in user is 'root', long time ago. It was / is used to run 'didiwiki', a personal webserver providing wiki functions, as the user 'spot' to reduce the impact of someone breaking into the webserver. There was a blog post from mid 2008 that talked about it, but by that time it was already quite established that didiwiki always run as spot; the first implementation must be much earlier than that - could be 2006 or 2007.
For a very long time until now, didiwiki was the only application that run as spot. Fatdog elaborated on the concept and use the idea to run most network programs as spot - most prominently is the browser.
A few days ago Barry decided to expand the model too and adopt Fatdog's approach to run more programs as spot, first of all is seamonkey (a web browser), see this blog post.
I'm attaching a script that allows *any* program (proper ones!) to run as spot. This is the same script that is currently used in Fatdog, except that Fatdog uses "dash" shell instead of "sh" to reduce memory footprint.
How to use:
1. Gunzip, then chmod +x the script.
2. Copy it to /usr/bin
3. Prefix any app you want to run with "run-as-spot".
It has been tested on:
- firefox, seamonkey, thunderbird, pidgin, geany, libreoffice, chromium, and a few others I can't remember.
Enjoy. Feedback and contributions welcome.
For a very long time until now, didiwiki was the only application that run as spot. Fatdog elaborated on the concept and use the idea to run most network programs as spot - most prominently is the browser.
A few days ago Barry decided to expand the model too and adopt Fatdog's approach to run more programs as spot, first of all is seamonkey (a web browser), see this blog post.
I'm attaching a script that allows *any* program (proper ones!) to run as spot. This is the same script that is currently used in Fatdog, except that Fatdog uses "dash" shell instead of "sh" to reduce memory footprint.
How to use:
1. Gunzip, then chmod +x the script.
2. Copy it to /usr/bin
3. Prefix any app you want to run with "run-as-spot".
It has been tested on:
- firefox, seamonkey, thunderbird, pidgin, geany, libreoffice, chromium, and a few others I can't remember.
Enjoy. Feedback and contributions welcome.