> The only thing root access would give somebody on my machine is to uninstall some random packages or corrupt my install.
While I agree that compromise of an unprivileged account has significant costs, technically superusers do have significantly greater access to the system and so there are greater levels of risk.
RedoxOS is reimplementing Linux userspace utilities in rust in order to avoid C vulns in suid binaries; like ping, which requires raw sockets for ICMP (which most of us only need the Echo Request capability of)
While I agree that compromise of an unprivileged account has significant costs, technically superusers do have significantly greater access to the system and so there are greater levels of risk.
RedoxOS is reimplementing Linux userspace utilities in rust in order to avoid C vulns in suid binaries; like ping, which requires raw sockets for ICMP (which most of us only need the Echo Request capability of)
Superuser: https://en.wikipedia.org/wiki/Superuser
Capability-based security: https://en.wikipedia.org/wiki/Capability-based_security
Privilege-based escalation: https://en.wikipedia.org/wiki/Privilege_escalation
Principle of least privilege: https://en.wikipedia.org/wiki/Principle_of_least_privilege
MAC: Mandatory Access Control: https://en.wikipedia.org/wiki/Mandatory_access_control