......I feel like openssh has a much larger attack surface than a simple binary.
If you're going to this extent already, you may as well jump on the run0 approach systemd is introducing.
oh no, I can hear rumbling
......I feel like openssh has a much larger attack surface than a simple binary.
If you're going to this extent already, you may as well jump on the run0 approach systemd is introducing.
oh no, I can hear rumbling
…I feel like openssh has a much larger attack surface than a simple binary.
Right. This is just trading one set of security pitfalls with a second, much worse set of security pitfalls.
alias run0=sudo
(not really; I'd rather not introduce an alias or any sort of symbolic behaviour that would teach me to expect that systemd crap is available on a system. The less you rely on it, the better)
Seems novel. But from a security aspect, if OpenSSH has security vulnerability that allows an unauthenticated user to login, via whatever means, once you are in the system as a non-privileged user, you are now free to use the same vulnerability to get root.
Basically this exercise is like using two locks that have the same key to open them. If the same key opens them, then a weakness in one, is now a weakness in the other so why bother with two identical locks?
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0