#mac_do — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #mac_do, aggregated by home.social.
-
I’ve been replacing sudo/doas on most of my FreeBSD boxes with something much smaller: mdo(1) + mac_do(4) from base.
No port. No sudoers parser. No setuid helper. Just a kernel MAC policy, a sysctl rule, and an explicit “SSH is the gate” security model.
Wrote up the full walkthrough for FreeBSD 15, including rule syntax, examples, caveats, and my surrounding hardening sysctls:
https://blog.hofstede.it/mdo-on-freebsd-15-base-system-privilege-delegation-with-mac_do/
-
⭕À #Saint-Denis, des militants bloquent le #Mac_Do en soutien à la #Palestine. 🎥 #RevPermanente