> Anyway, apps that ask for the root password on installation always make me cringe, e.g. they could turn on SSH and put a pubkey into authorized_keys, or they could upload SSH identity files. But I still proceed to enter my password.
You don't need root to do any of those things. If you're going to run the SSH server on port 22, sure, but it can be run on any port above 1024 by a regular user in user space.
If you're already running an SSH server, a non-root app can most likely edit your ~/.ssh/authorized_keys file. It's just a regular file, nothing special about a malicious app adding an entry to it.
Think a NAT is going to save you? A malicious program can SSH out and create a reverse tunnel to circumvent it.
Short answer: running anything you don't know or trust is dangerous; root access just makes it more dangerous.
> If you're already running an SSH server, a non-root app can most likely edit your ~/.ssh/authorized_keys file. It's just a regular file, nothing special about a malicious app adding an entry to it.
That file is -rw-r--r--, so only the owner or root can change it, unless I am misunderstanding you?
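
Added example, not part of the thread: a small Python check a defender could run to see who the mode bits let modify an authorized_keys file and to flag entries added since a baseline. The function names, the temporary stand-in file and the key strings are constructed for illustration.

```python
import hashlib
import os
import stat
import tempfile


def write_access(path):
    """Report who may modify `path` according to its mode bits."""
    st = os.stat(path)
    return {
        "mode": stat.filemode(st.st_mode),
        "owner_uid": st.st_uid,
        "group_writable": bool(st.st_mode & stat.S_IWGRP),
        "world_writable": bool(st.st_mode & stat.S_IWOTH),
        # True for any process running as the owning user, root or not.
        "writable_by_this_process": os.access(path, os.W_OK),
    }


def snapshot(path):
    """Map SHA-256 of each key line to the line, skipping blanks and comments."""
    entries = {}
    with open(path, encoding="utf-8") as fh:
        for line in fh:
            line = line.strip()
            if line and not line.startswith("#"):
                entries[hashlib.sha256(line.encode()).hexdigest()] = line
    return entries


def added_since(baseline, path):
    """Return key lines present now that were not in the baseline snapshot."""
    current = snapshot(path)
    return [current[h] for h in current if h not in baseline]


def demo():
    """Run the check on a constructed stand-in file, not a real ~/.ssh."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "authorized_keys")
        with open(path, "w", encoding="utf-8") as fh:
            fh.write("ssh-ed25519 AAAAC3CONSTRUCTEDKEY1 admin@example\n")
        os.chmod(path, 0o644)  # the -rw-r--r-- mode quoted in the thread
        baseline = snapshot(path)
        access = write_access(path)
        # Any program started by the file's owner can do this without root.
        with open(path, "a", encoding="utf-8") as fh:
            fh.write("ssh-ed25519 AAAAC3CONSTRUCTEDKEY2 unknown@example\n")
        return access, added_since(baseline, path)


if __name__ == "__main__":
    print(demo())
```

Keeping the baseline snapshot somewhere the same user account cannot write to is what makes the comparison meaningful.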