This would add complexity and in particular couple the application to a specific combination of operating system/privileges model/file system. How great is the benefit, really? How many things are exploited by the application writing to its own startup config?
It would add fair bit of code, sure, but nicely isolated and not complex: It's three extra lines of code in the main function, and a separate utility to write the config.
Balance that against the fact that the server then never writes its own config - that code is moved into the configuration-writing application, which removes complexity from the server application.
> and in particular couple the application to a specific combination of operating system/privileges model/file system.
It does indeed couple it to those systems that are sufficiently POSIX-like; however if you are writing a server that doesn't run on a Linux or BSD-derived system, you are out in the left field anyway.
> How great is the benefit, really? How many things are exploited by the application writing to its own startup config?
Well, the comment I made was in a thread discussing a vulnerability in the Microsoft Teams application[1] which was exploitable to retrieve the user's secrets[2] from their config file.
So, that particular comment was very much on-topic and in-context.
[1] Not sure if it was on all platforms or not.
[2] Or something - I forget exactly what was leaked.
most methods of getting persistence involve writing to some config file somewhere. Having your app not have rights to write to any sort of config or code files probably is fairly beneficial.
How much is probably going to depends on how everything is configured, what your threat model is, what service it is, and a million other things.
