Open MasseGuillaume opened 7 years ago
Running as a non-root user seems like good first step.
Could the JVM's SecurityManager be useful as well?
here a new, non-root user is set up for the container. Is it actually used? This might be unintended behavior
Running as a non-root user seems like good first step.
Could the JVM's SecurityManager be useful as well?
we used to use SecurityManager in https://github.com/OlegYch/scastie_old but it is full of wholes and very restrictive at the same time currently docker works fine, but it would be nice to implement some kind of per user/ip time limits to prevent denial of service attacks
Some tips from hacker news: (https://news.ycombinator.com/item?id=14375888)