• phx@lemmy.ca
    link
    fedilink
    arrow-up
    14
    ·
    1 year ago

    Given a rant like this I wouldn’t be trusting his code. Admin access to a backend and ability to write to the underlying filesystem+configs are two different layers. Yeah in many cases they may be the same admin, but not necessarily. It also means a compromised admin UI user can modify the underlying system to hide their tracks.

    It’s like saying it’s ok to have a hypervisor breakout because it requires you to have root in the underlying VM to exploit and only trusted admins have root…