Hacker News new | ask | show | jobs
by richo 4146 days ago
* Add figure ALL=(ALL) NOPASSWD:ALL to sudoer file.

This is cute.
1 comments
sorpaas 4146 days ago
That's for deleting apps, since docker volumes may produce something that only root can access. Haven't found ways to get around it, any suggestions?
link
lbradstreet 4146 days ago
I assume you mean data outside the container?

Maybe you could at least silo the utility that needs to delete so that it can easily be inspected and so you don't have to trust the whole program.

link
richo 4146 days ago
Exactly. A setuid `delort-container` utility would be a good start.
link