Skip to content
Better HN
Top
Best
Ask
Show
New
Jobs
Search
⌘K
0 points
nautilus12
7mo ago
0 comments
Save
Share
If you always run npm inside of docker does that pretty much prevent attacks like this?
0 comments
2 comments · 1 top-level
top
newest
oldest
mfro
7mo ago
· 1 in thread
Docker is not a sandbox. There is some work that can be done to harden it, but you're better off looking at genuinely sandboxing your dev environment
ashishb
7mo ago
What is genuine sandboxing? Everyone waives there hands by saying this
1 more reply
j
/
k
navigate · click thread line to collapse
