[salmo]

For regulatory compliance, that’s still not acceptable because it opens the door to cross user data access or privilege escalation.

If someone exploited a process with a dedicated unprivileged user, had legit limited access, or got in a container on a physical, they might be able to leverage it for the forces of evil.

There’s really no such practical thing as single user Linux. If you’re running a network exposed app without dropping privileges, that’s a much bigger security risk than speculative execution.

Now, if you were skipping an OS and going full bare metal, then that could be different. But an audit for that would be a nightmare :).

[flatiron]

There’s definitely sneakernet Linux boxes. I’ve worked at a bunch of places with random Linux boxes running weird crap totally off the actual network because nobody was particularly sure how to get those programs updated. Technical debt is a pita!

[hedora]

I suspect you are conflating security regulations for Unix users with regulations targeting users of the system.

Why would a regulatory framework care if a Linux box running one process was vulnerable to attacks that involve switching UIDs?

Converse, why would that same regulatory framework not care if users of that network service were able to impersonate each other / access each others’ data?

[salmo]

Most of the controls are about auditability and data access.

But the control frameworks are silly sometimes. Then add in that they’re enforced by 3rd party auditor consultants looking for any reason to drag it out.

And yeah, I tried to get this past them for a old singleton system to avoid having to buy a bigger non-standard server.

[throwawaylinux]

Which regulations?

[salmo]

The worst is the fake regulation that is PCI. But I tried in a SOX audit to avoid buying new gear.

I hate auditors. Making sense doesn’t matter. Their interpretation of the control does. I do have a playbook of “how I meet X but not the way you want me to”, but lost that one. Probably spent more $ arguing than the HW cost.