Y
Hacker News
new
|
ask
|
show
|
jobs
by
labster
752 days ago
You know the rules, and so do I.
1 comments
dv_dt
752 days ago
I know I prefer my exploits to come from opaque corners of package formats or docker layers as bofh intended. The more indirect handoffs of trust the merrier.
link
Timber-6539
752 days ago
Docker is at least sandboxed by default and requires sudo password to run commands.
link
dv_dt
752 days ago
There are advantages to docker, but also disadvantages. Definitely the same w/ "curl | sh" That's all I was trying to allude to, tongue in cheek.
link
freeone3000
752 days ago
But it requires sudo or effective-sudo to run
any
command, making such a measure worthless
link