undefined | Better HN

0 pointsstjohnswarts4y ago0 comments

Who doesn't run an npm based app in a jail/vm/etc and as a regular user with any more than the bare minimum access needed to get it's job done?

0 comments

IggleSniggle4y ago

I would imagine installing directly as a regular user is the _typical_ approach, and even more-so for beginners.

I don’t see any recommendation in the nodejs or npm docs for any other approach.

It may be commonsense and obvious to you, but I would be really surprised if commonsense and common practice overlap significantly in scenarios like this for all but the most security conscious.

j / k navigate · click thread line to collapse

0 comments

IggleSniggle4y ago

I would imagine installing directly as a regular user is the _typical_ approach, and even more-so for beginners.

I don’t see any recommendation in the nodejs or npm docs for any other approach.

It may be commonsense and obvious to you, but I would be really surprised if commonsense and common practice overlap significantly in scenarios like this for all but the most security conscious.

j / k navigate · click thread line to collapse