mik

joined 1 year ago
[–] [email protected] 5 points 1 month ago

It may be mostly "security theater" but it requires almost no extra effort and drastically increases the difficulty of compromise by adding privilege escalation as another requirement to gaining root access.

[–] [email protected] 11 points 1 month ago* (last edited 1 month ago) (16 children)

It helps protect you because if the application in question is compromised in any way (or has a flaw, i.e. an accidental rm -rf /*), the only access it has is limited to the user it is run as. If it is run as root, it has full administrative privilege.

[–] [email protected] 2 points 1 month ago

I run the setup you're aiming for, and as the other guy said, DNS challenge is the way to go. That's what I do, and it works beautifully. It even works with Caddy auto-https, you just need to build Caddy with the cloudflare-dns plugin.

[–] [email protected] 3 points 1 year ago

I personally like ligatures when I'm programming. It took me some getting used to, but now I can't live without them due to how distinct it makes the code segments. I fully understand disliking them though. Thankfully fonts like source code pro allow disabling features like ligatures and their godawful handwriting styled italics, so you're able to use just the parts you like.