top | item 46270083

(no title)

oskarkk | 2 months ago

If you're not sure if there are any important world-writable files, then just check that? On Linux you can do something like "find . -perm /o=w". And you can easily make whole dirs inaccessible to other users (chmod o-x). It's only a problem if you're a developer who doesn't know how to check and set file permissions. Then I wouldn't advise running any commands given by an AI.

discuss

SoftTalker|2 months ago

i'm imagining it's the same people who just chmod 777 everything so they don't have to deal with permissions.

cowboylowrez|2 months ago

yep thats me, I chmod that and make roots password blank, this way unauthorized access is impossible!

reactordev|2 months ago

Careful, you’re talking to developers now. Chmod is for wizards, Harry. One wouldn’t dream of disturbing the Linux gods with my own chmod magic. /s

Yes, this is indeed the answer. Create a fake root. Create a user. Chmod and chgrp to restrict it to that fake root. ln /bin if you need to. Let it run wild in its own crib.

seba_dos1|2 months ago

Though why bother if you can just put it into a namespace? Containers can be much simpler than what all this Docker and Kubernetes shit around suggests.