The article talks about sudo
and doas
being SUID binaries and having a larger attack surface than run0
would. Could someone ELI5 what this means?
The article talks about sudo
and doas
being SUID binaries and having a larger attack surface than run0
would. Could someone ELI5 what this means?
You also need full root access to you bank’s machines.
For the execution, can’t you configure the fstab with noexec on partitions where the user has write permissions and give the user read-only permissions on the root partition ?
I think this would be fine for most jobs, the exception being software development where you usually need to execute stuff to test your programs.
From the gitlab page:
The user can move the cursor with
h,j,k,l
(vim keys), or the arrow keys.
Thanks a lot for this detailed, understandable and kind answer :)