Linux is a single user system and should be treated as such. Run your services as root. Don't rely on unix user primitives for security.
Linux is a single user system and should be treated as such. Run your services as root. Don't rely on unix user primitives for security.
Running as root opens you up to a class of vulnerabilities (denial of service, mainly) that you can avoid by not running as root.
That said, running every process in its own micro VM is looking more attractive by the minute.
Half the point is that you should always assume that there exists a complete LPE bug.
But yes, micro VMs are a great idea!
Everything in this comment is wrong.
Technically yes. Practically, I disagree.
The part where you run everything as root is particularly stupid. But yes, user isolation has been weakened quite a bit.
This carries the same energy as "People will break into your car no matter what, so just leave your doors unlocked."
You say that, but I know someone whose house had their front door kicked in by burglars even though it wasn't even locked.
The energy here is "so don't leave anything valuable in your car".
Unfortunately that is not what they proposed. To stretch the automotive analogy too far, you could say: if you invite a carjacker in, their seatbelt is not going to stop them from carjacking you.
"Avoid shared-kernel attack surfaces" is not an unreasonable proposition in 2026.
Yes that is reasonable, but dispensing with all on machine controls is not.
It is very good practical advice.
It also saddens me greatly, imagining what computing could look like if systems evolved differently.
Virtual machines are still the best design and has been for something like 20 years
Containers are good, as long as they all share the same purpose (read: same application, no multi-tenant)
We all know that multi-users systems (and thus, containers) have a very wide attack surface, while VM attack surface is very limited ..
This is why I am totally convinced that:
I agree with the general sentiment. I treat anything running arbitrary machine code as if it has full access to a machine. I don't know where you get "run your services as root" from that, though. The principle of least privilege doesn't just apply to running malicious code, but running buggy code whose attack surface is exposed to evil-doers.
https://xkcd.com/1200/