Not necessarily...there's nothing that ensures remote signers and extensions don't have similar issues...
Discussion
It at least reduces possible exposure surface.
the complexity of clients makes it more likely however
the point of isolating it in a simple, single purpose thing is to reduce the chances of there being a vulnerability
it's a point lost on many programmers these days, the reason why the Unix philosophy talks about small, single purpose, modular applications. Security is a big part of why, but a small part of the broader problem of bugs, which also cause other inconveniences
Agree...(in theory).
How many times to devs pull from a library of "trusted" code, only to find at some point in the future that "oops, we found a bug in library x"...
Often it's no one's fault--but it happens.
So modular applications / libraries come with potentially even a greater risk... 😃