Open insanitybit opened 1 year ago
`cargo` has a number of "common commands", a number of which are security relevant. This will likely imply some new container types, potentially including a Trusted container with full capabilities.

Trusted - `new`, `init`, `add`, `clean`
Exec - `bench`, `test`, `run`
Install - `install`, `uninstall`

`doc` will be a weird one to deal with, not sure what to do about that. At minimum we'll want to use Build for the generation, but after that it's going to run arbitrary javascript in a browser if you use `--open`. Probably not so dangerous, but a bit tricky.

Exec is a placeholder. For basic unit tests we can have a really locked down environment. It's tests that have to reach out to the internet, etc., where things are really tricky.

One option to solve the "my tests do arbitrary stuff" problem is via custom sandbox profiles. The default could optimize for unit tests, and if you have integration tests maybe you need to do something else.
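One way to express the tiers and the per-project override idea from the issue, as an added example that is not part of the issue or the project's code. The tier and capability names (`Tier`, `Profile`, `profile_for`, `parse_overrides`), the `subcommand = cap, cap` override syntax, and the `gui` capability used for `doc --open` are all hypothetical; the subcommand-to-tier mapping is the one listed above, with everything unrecognised falling into the build sandbox rather than Trusted:

```rust
// Added example, std only; names and the override file format are hypothetical.
use std::collections::HashMap;

/// Sandbox tiers, roughly from most to least restrictive.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Tier { Build, Exec, Install, Trusted }

/// Capabilities granted to one sandboxed cargo invocation.
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct Profile {
    pub tier: Tier,
    pub network: bool,    // outbound network access
    pub write_home: bool, // writes outside the project's target dir (e.g. ~/.cargo/bin)
    pub spawn_gui: bool,  // may launch a desktop app such as a browser (`doc --open`)
}

impl Profile {
    fn base(tier: Tier) -> Profile {
        match tier {
            // Build and the default Exec profile: locked down, enough for plain unit tests.
            Tier::Build | Tier::Exec => Profile { tier, network: false, write_home: false, spawn_gui: false },
            Tier::Install => Profile { tier, network: true, write_home: true, spawn_gui: false },
            Tier::Trusted => Profile { tier, network: true, write_home: true, spawn_gui: true },
        }
    }
}

/// Map a cargo subcommand to its tier. Unknown subcommands (including third-party
/// `cargo-*` plugins) must never default to Trusted, so the fallback is Build.
pub fn base_tier(subcommand: &str) -> Tier {
    match subcommand {
        "new" | "init" | "add" | "clean" => Tier::Trusted,
        "bench" | "test" | "run" => Tier::Exec,
        "install" | "uninstall" => Tier::Install,
        _ => Tier::Build, // `build`, `check`, `doc`, anything else
    }
}

/// Parse a hypothetical per-project override file: one `subcommand = cap, cap` per line,
/// `#` comments allowed. Only known capabilities are accepted.
pub fn parse_overrides(text: &str) -> Result<HashMap<String, Vec<String>>, String> {
    let mut map = HashMap::new();
    for (n, raw) in text.lines().enumerate() {
        let line = raw.trim();
        if line.is_empty() || line.starts_with('#') { continue; }
        let (cmd, caps) = line.split_once('=').ok_or(format!("line {}: expected `cmd = caps`", n + 1))?;
        let mut list = Vec::new();
        for cap in caps.split(',').map(str::trim).filter(|c| !c.is_empty()) {
            match cap {
                "network" | "write" | "gui" => list.push(cap.to_string()),
                other => return Err(format!("line {}: unknown capability `{}`", n + 1, other)),
            }
        }
        map.insert(cmd.trim().to_string(), list);
    }
    Ok(map)
}

/// Pick the profile for `cargo <subcommand> <args>`, applying project overrides.
pub fn profile_for(subcommand: &str, args: &[&str],
                   overrides: &HashMap<String, Vec<String>>) -> Result<Profile, String> {
    let tier = base_tier(subcommand);
    let mut p = Profile::base(tier);
    if let Some(caps) = overrides.get(subcommand) {
        // Overrides may only widen the Build/Exec sandboxes. Install and Trusted are fixed,
        // so a checked-in override file cannot quietly escalate a command to full capabilities.
        if !matches!(tier, Tier::Build | Tier::Exec) {
            return Err(format!("`{}` uses the fixed {:?} profile; overrides not allowed", subcommand, tier));
        }
        for cap in caps {
            match cap.as_str() {
                "network" => p.network = true,
                "write" => p.write_home = true,
                "gui" => p.spawn_gui = true,
                other => return Err(format!("unknown capability `{}`", other)),
            }
        }
    }
    // `cargo doc --open` hands the generated HTML to a browser outside the sandbox;
    // refuse unless the project explicitly granted `doc = gui`.
    if subcommand == "doc" && args.contains(&"--open") && !p.spawn_gui {
        return Err("`doc --open` launches a browser; grant `doc = gui` or drop --open".to_string());
    }
    Ok(p)
}

fn main() {
    let ov = parse_overrides("# integration tests talk to a local service\ntest = network\n").unwrap();
    println!("{:?}", profile_for("test", &[], &ov));
    println!("{:?}", profile_for("doc", &["--open"], &ov));
}
```

The two checks worth keeping whatever the real profile format ends up being: an unrecognised subcommand lands in the most restrictive tier, and an override can add capabilities to a sandboxed command but cannot turn it into a Trusted one.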