The approach is comparing
- Theoretical configuration errors, or theoretical vulnerabilities that may or may not be there with
- Having a new daemon running (a new attack surface) which
- may also have configuration errors, or vulnerabilities as such
- and also removes a few layers of user based authorisation with a single root level
This approach is somehow considered more secure.
And in a rational way, and of course for any rational security perspective this can't be considered more secure, just different.
This approach is somehow considered more secure.
And in a rational way, and of course for any rational security perspective this can't be considered more secure, just different.