Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
feat: add ELECTRON_DISABLE_SANDBOX env var #16576
Description of Change
This is to support easy disabling of sandboxing in CI environments, particularly on Linux where running CI inside docker is common, and Chrome's sandboxing technique conflicts with docker's default seccomp profile.
There have been concerns raised over whether this is a potential attack vector (e.g. an attacker who had control over the app's environment could set this variable to permit escalation), but I think there exist other easier routes to escalation if you have control over the environment, e.g.
Notes: Added ELECTRON_DISABLE_SANDBOX environment variable to make it easier to disable sandboxing in Docker-based Linux CI environments.