Syncthing as root

I understand the warning about running Syncthing as a root user. But how egregious is it if it’s running in a VM that does literally nothing else?

I cannot for the life of me get the user permissions to stay set so it will work as a non-root user.
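One practical way to see why the daemon keeps failing as a non-root user is to list everything under the sync directory that the service account does not own. The following shell script is an added example, not code from the thread or from the Syncthing project; the directory path and service-account name are inputs you supply, and the demo tree it builds is constructed sample data.

```shell
#!/bin/sh
# Added example (not from the thread or the Syncthing project): report files
# under a Syncthing data directory that are NOT owned by the intended service
# account. A single mis-owned file or directory is enough to make an
# unprivileged Syncthing fail to scan or write, which is what usually pushes
# people toward running it as root.

# Print every path under $1 whose owner is not $2; return 1 if any were found.
find_foreign_files() {
    dir="$1"
    user="$2"
    found=$(find "$dir" ! -user "$user" 2>/dev/null)
    if [ -n "$found" ]; then
        printf '%s\n' "$found"
        return 1
    fi
    return 0
}

# Same check as a count, convenient for a cron or monitoring script.
count_foreign_files() {
    find "$1" ! -user "$2" 2>/dev/null | wc -l | tr -d ' '
}

# Demo on a constructed temporary tree (sample data, not a real sync folder).
# Real usage: find_foreign_files /var/lib/syncthing syncthing  (paths assumed)
demo_dir=$(mktemp -d)
mkdir -p "$demo_dir/Photos"
touch "$demo_dir/Photos/a.jpg"
if find_foreign_files "$demo_dir" "$(id -un)"; then
    echo "OK: everything under $demo_dir is owned by $(id -un)"
else
    echo "Mis-owned entries listed above; chown them to the service account"
fi
rm -rf "$demo_dir"
```

Run it against the real folder with the account Syncthing is supposed to use; anything it lists is what needs a `chown` (and, for directories, execute permission for that account) before the daemon will work unprivileged.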

If an exploit is found in Syncthing that allows for takeover then that would lead to root access.

Why not apply that same logic to the services you run on firewall-as-a-platform?

On that box you run everything as root with no isolation without batting an eye. And those services are way more promiscuous. And that box is way more significant.

And that access would be limited to the VM that isn’t doing anything else?

If they get root access they can install software they want and move laterally on your network if you don’t have any logical separation (VLANs) with the proper firewall rules.