You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@guacamole.apache.org by GitBox <gi...@apache.org> on 2020/03/04 20:14:00 UTC

[GitHub] [guacamole-client] necouchman commented on a change in pull request #469: GUACAMOLE-890: Security: Allow image to run as non-root user

necouchman commented on a change in pull request #469: GUACAMOLE-890: Security: Allow image to run as non-root user
URL: https://github.com/apache/guacamole-client/pull/469#discussion_r387909142
 
 

 ##########
 File path: guacamole-docker/bin/start.sh
 ##########
 @@ -30,7 +30,7 @@
 
 GUACAMOLE_HOME_TEMPLATE="$GUACAMOLE_HOME"
 
-GUACAMOLE_HOME="$HOME/.guacamole"
+GUACAMOLE_HOME="/tmp/guacamole"
 
 Review comment:
   I really don't like this part of it - making the `GUACAMOLE_HOME` into a temp directory doesn't seem wise to me.  Maybe I'm thinking of this too much from a non-docker perspective, but what if the user decides to try to map through `/etc/guacamole` to a specific path?
   
   I don't know if there's any other solution for this in the Docker Tomcat world, but this approach just makes me twitch :-).

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services