You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There are two reasons one might run dlfile as root.
By mistake. Happens all the time with curl and other cli tools.
On purpose so that dlfile can write out to a privileged file.
I think in an ideal world (2) wouldn't happen. Instead dlfile would pipe the data to /dev/stdout and then another tool would handle the writing of the file. That said, it's probably worth supporting it.
Further, given root, we can perform more sandboxing. I don't want dlfile to be a setuid or something like that, but if we do run as root we can access namespaces, chroot, etc. This would significantly improve the sandbox.
The text was updated successfully, but these errors were encountered:
There are two reasons one might run dlfile as root.
I think in an ideal world (2) wouldn't happen. Instead dlfile would pipe the data to
/dev/stdoutand then another tool would handle the writing of the file. That said, it's probably worth supporting it.Further, given root, we can perform more sandboxing. I don't want dlfile to be a setuid or something like that, but if we do run as root we can access namespaces, chroot, etc. This would significantly improve the sandbox.
The text was updated successfully, but these errors were encountered: