Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
q3k
on Jan 16, 2016
|
parent
|
context
|
favorite
| on:
Sailor, a native and portable container system for...
There is a difference between not bringing in additional security and bringing anti-security. In my eyes, you are doing the latter.
Your default examples elevate privilege, not warning the user about this fact anywhere.
iMil
on Jan 16, 2016
[–]
Duly noted, I just added a word about it on the GitHub page, and you're right, I should run the examples services with a dedicated user as I already do for the nginx process. Thanks for your feedback!
iMil
on Jan 17, 2016
|
parent
[–]
And so it is, I just commited changes so both PM2 and gunicorn are started with a specific user.
Join us for
AI Startup School
this June 16-17 in San Francisco!
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
Your default examples elevate privilege, not warning the user about this fact anywhere.