Skip to content

Commit

Permalink
refactor: prevent execution of arbitrary commands in container
Browse files Browse the repository at this point in the history 
- Preserve the removal of certain commands to prevent the container from executing arbitrary commands

Signed-off-by: 陳鈞 <[email protected]>
  • Loading branch information
@jim60105
jim60105 committed May 18, 2024
1 parent 7f68aab commit 911443e
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -71,8 +71,8 @@ COPY --link --chown=$UID:0 --chmod=775 --from=build /root/.local /home/$UID/.loc
ENV PATH="/home/$UID/.local/bin:$PATH"
ENV PYTHONPATH="/home/$UID/.local/lib/python3.12/site-packages:${PYTHONPATH}"

# Remove these to prevent the container from executing arbitrary commands
RUN rm /bin/echo /bin/ln /bin/rm /bin/sh
# # Remove these to prevent the container from executing arbitrary commands
# RUN rm /bin/echo /bin/ln /bin/rm /bin/sh

WORKDIR /recordings

Expand Down

0 comments on commit 911443e

Please sign in to comment.