• Boomkop3@reddthat.com
      link
      fedilink
      English
      arrow-up
      2
      ·
      3 days ago

      Su isn’t on windows, and does the exact opposite to restricting filesystem access to a specific subset

      • hemko@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        3
        ·
        3 days ago

        su allows you to swap to another user in shell, not just make yourself root.

        ‘runas’ looks like it’d do just the job

        • Boomkop3@reddthat.com
          link
          fedilink
          English
          arrow-up
          2
          ·
          3 days ago

          runas can do that, yes. Now how are you planning yo also create that user in the same command line? And to dispose of it automatically when the process ends?

          • Boomkop3@reddthat.com
            link
            fedilink
            English
            arrow-up
            2
            ·
            3 days ago

            runas can do that, yes. But it won’t make you a virtual file system, or give you a nat firewall.

            One use case for this is the backblaze backup utility. It’s kinda stupid in that it has an all-or-nothing approach to backups.

            Putting it in a container restricts it in a much easier and reliable way than running it with a special user account.