> a minor thing (local privilege escalation if you happen to be running atop as a privileged user)
I seem to be hearing this sentiment a lot lately. How is local privilege escalation a minor thing?
If it's such a minor thing, is the old advice to not run as root considered passé? Should we just run everything as root? Should we discard the entire Unix security model and chmod all files to 0777?
In most scenarios, you are no longer running with multiple users on the same machine.
Either this is a server, which has an admin team, or a client machine, which _usually_ have a single user.
That isn't 100% true, and local privilege escalation matters, but it is a far cry from remote code execution or remote privilege escalation.
User privilege separation is a foundation that allows many container implementations to work, and for sandboxes software like Tor or, for however unlikely it is that you're running atop on it, Android use, etc.
If someone is running Tor to not end up in prison/dead, their Tor sandbox can be opened for anyone to own, for example.
I seem to be hearing this sentiment a lot lately. How is local privilege escalation a minor thing?
If it's such a minor thing, is the old advice to not run as root considered passé? Should we just run everything as root? Should we discard the entire Unix security model and chmod all files to 0777?