• 0 Posts
  • 4 Comments
Joined 1 year ago
cake
Cake day: June 8th, 2023

help-circle
  • Of course it applies to any software, but some programs are more vulnerable than others. For example, when you want to have cryptography in your program, you use an established library, not write the algorithms yourself, because those libraries were written with security in mind (i.e. have protections against different kinds of attacks, for example, side channel attacks, in addition to being implemented properly). The whole point is to minimize the surface of attack, so that your system is more secure. And one way of doing so is to not give root permissions to programs that don’t need it (such as text editors like nano).



  • Sure, but sudo is specifically designed with security in mind as a security program, whereas text editors are not (although I am more likely to trust vim than vscode). Running a malicious program as the user and not as root can help mitigate the impact it could do, even though it will still be able to do a lot as a user.