[Research] Audit existing tools and prior art #10
Description
Status: 📚 Research (Low Priority)
Now that core implementation is complete, this is useful for learning and future improvements but not blocking.
Priority: Low - Core functionality works
Type: Research / Documentation
Purpose
Survey existing tools to learn from prior art and identify opportunities for improvement.
Tools to Investigate
Privilege Escalation / Auth
| Tool | Status | Notes |
|---|---|---|
| run0 (systemd 256+) | ⬜ TODO | Credential caching patterns |
| polkit | ✅ Implemented | Using for auth |
| sudo-rs | ⬜ TODO | Rust sudo implementation |
| doas | ⬜ TODO | Simpler sudo alternative |
eBPF Tooling
| Tool | Status | Notes |
|---|---|---|
| bpftool | ⬜ TODO | Command surface reference |
| bpftrace | ⬜ TODO | Privilege handling |
| inspektor-gadget | ⬜ TODO | K8s eBPF auth model |
AI + Privileged Ops
| Tool | Status | Notes |
|---|---|---|
| claude-code-bash-guardian | ⬜ TODO | Sudo handling |
| OpenAI Codex sandbox | ⬜ TODO | Elevation model |
| E2B | ⬜ TODO | MicroVM approach |
Questions to Answer
- Does anything like ebpf-assist already exist?
- What credential caching patterns work well?
- How do other tools handle GUI vs headless auth?
- Are there existing polkit actions we could reuse?
Output
- Summary document of findings
- List of reusable components/patterns
- Ideas for v0.2.0 improvements
Notes
This can be done incrementally or by contributors. Good first issue for someone interested in the problem space.