Comments (4)
justinengland
commented on June 18, 2024
2
not worth the effort. The user space inside the container doesn't really matter that much IMO.
from chia-docker.
benv666
commented on June 18, 2024
2
I respectfully disagree, there is no good reason to run as root in this container.
Worse, it makes it easy for an attacker if they manage to break into the container to do whatever they want in there, but potentially also to break things for the host system.
See https://engineering.bitnami.com/articles/why-non-root-containers-are-important-for-security.html or many other blogs.
from chia-docker.
caeci11ius
commented on June 18, 2024
Went to the trouble of setting up users to run this container as only to discover there was no easy way to do it. Took a look at the user mapping mentioned above but it all seemed a bit much for someone who has a fairly rudimentary knowledge of docker...
from chia-docker.
adarobin
commented on June 18, 2024
@justinengland What about the poor machine that is hosting the container?
from chia-docker.
Related Issues (20)
- When upgrading from version 1.5.0 to a newer version, a "Node healthcheck failed" error appears HOT 2
- Not possible to pass --expose as documented, entrypoint gets confused HOT 2
- docker harvester stops if recursive dir is empty or errors at some point. HOT 20
- Error in log after upgrading to 1.7.0 HOT 5
- yq_x86 is used on arm image HOT 2
- Multiple plot drives HOT 2
- docker harvester stops if one of recursive dirs has errored hdd which seems to be mounted properly. HOT 2
- Possible issue with port forwarding and wallet sync on latest image. HOT 3
- Compressed plot harvesting disabled by default HOT 1
- Bladebit installed HOT 7
- Remote GUI no longer works HOT 3
- How do you persist the keys and thus identity of remote harvester only? HOT 8
- Docs update for boolean env vars with docker compose HOT 4
- SSL keys permission HOT 2
- Concerns and Suggestions Regarding Chia Token Reserve Strategy
- exposing port 9256 HOT 2
- update readme 'chia show -c' has been renamed to 'chia peer -c' HOT 1
- I started the container using the following parameters, but when connecting to the farmer, the certificate reported an error HOT 7
- Can I use the “chia plots create” command with docker? HOT 1
- When I put the container up to run on another offline machine it's always added /plots my plots_dir doesn't include it HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from chia-docker.