• 9point6@lemmy.world
    link
    fedilink
    arrow-up
    75
    ·
    6 months ago

    …I feel like openssh has a much larger attack surface than a simple binary.

    If you’re going to this extent already, you may as well jump on the run0 approach systemd is introducing.

    oh no, I can hear rumbling

    • P03 Locke@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      13
      arrow-down
      3
      ·
      6 months ago

      …I feel like openssh has a much larger attack surface than a simple binary.

      Right. This is just trading one set of security pitfalls with a second, much worse set of security pitfalls.

    • lambalicious@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      6
      ·
      6 months ago

      alias run0=sudo

      (not really; I’d rather not introduce an alias or any sort of symbolic behaviour that would teach me to expect that systemd crap is available on a system. The less you rely on it, the better)