It may be mostly “security theater” but it requires almost no extra effort and drastically increases the difficulty of compromise by adding privilege escalation as another requirement to gaining root access.
- 0 Posts
- 4 Comments
Joined 2 years ago
Cake day: June 10th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
It helps protect you because if the application in question is compromised in any way (or has a flaw, i.e. an accidental
rm -rf /*), the only access it has is limited to the user it is run as. If it is run as root, it has full administrative privilege.
2·1 year agoI run the setup you’re aiming for, and as the other guy said, DNS challenge is the way to go. That’s what I do, and it works beautifully. It even works with Caddy auto-https, you just need to build Caddy with the cloudflare-dns plugin.
@wesker@lemmy.sdf.org if it helps, the Symfonium dev is open to de-googled licensing via Ko-Fi donations. See the forum post here: https://support.symfonium.app/t/how-can-i-pay-for-symfonium-without-google-play
Per Tolriq’s responses there, you can get the APK safely from the Aurora Store.