by attilagyorffy 4159 days ago
This is exactly why I think modern kernel-level security layers, such as FreeBSD jails (or Docker/LXC), were born. Provided your app runs within a jail, it wouldn't matter much anymore:

> Once inside the jail, a process is not permitted to escape outside of this subtree

You could also develop within isolation, therefore your development env would be safer and even similar to a production environment. Needless to say, that has additional benefits.


I always develop inside a virtual machine, with a shared folder in between so I can write code on the host, but everything runs in the guest.

That's also a good solution, I think. One of the main advantages of using containers, though, is real portability. This means in theory you could just push your container in development into production without too much hassle and without making administrators nervous :) That's not the same level of portability a full VM would give you.

Admittedly this is more of a discussion about containers and security than npm itself but I'm interested in discovering the options out there. I may attempt to move all my stuff to containers for a bit and write about my findings.

I have found out the hard way that a `rm -rf /*` will delete the contents of a `/vagrant/` file...

Huzzah for git.