| ▲ | usrusr 7 hours ago | |
Yeah, I'd expect this approach to be almost universal, with the caveat that of the few who don't, many still don't get bitten. But it turns out even in the container, there are footguns that have occasionally made the news by being fired: few projects don't have any external resources and when credentials with any form of write access happen to make it into the container (even if it's just a session cookie) agents might jump at the opportunity. | ||