| ▲ | nottorp 13 hours ago |
| ... as root? |
|
| ▲ | tintor 13 hours ago | parent | next [-] |
| No root. `pip` and `npm install` don't require it. You can not use `sudo apt install` inside it. They use gVisor, and other container isolation mechanisms:
https://ryan.govost.es/2025/openai-code-interpreter/ |
| |
| ▲ | bandrami 9 hours ago | parent [-] | | OTOH if you have apt, you have arbitrary shell commands (hooray dpkg-hooks!) Golden years for cybersecurity people |
|
|
| ▲ | zahlman 13 hours ago | parent | prev [-] |
| Given that it's within a container on a remote server, does that matter? |
| |
| ▲ | acedTrex 13 hours ago | parent [-] | | I mean i hope its more hardened than JUST a container given how many container escapes there are. | | |
| ▲ | jchw 12 hours ago | parent [-] | | Apparently, they are using gVisor, which when applied properly, should make a pretty good isolation primitive. |
|
|
