Y
Hacker News
new
|
ask
|
show
|
jobs
by
caddybox
1763 days ago
Genuine question : Whya re snaps a nightmare on headless servers? Their auto-updating nature does add some stability issues but any other reasons?
1 comments
bitlevel
1763 days ago
Because it's not conjusive to a minimal attack surface - by way of example:
https://www.helpnetsecurity.com/2019/02/13/cve-2019-7304/
link
Osiris
1763 days ago
Not to completely minimize it, but that says local attacker, not remote attacker. So someone would still have to gain access to the system in question in the first place.
link
phone8675309
1763 days ago
Just because a server is headless does not mean that it isn't interactive in some way or running some user-submitted scripts or code.
Also, compromising a service running as a user (not root) would be sufficient to then escalate.
link