Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Clarify that Toolbx isn't a security mechanism #29

Merged
merged 2 commits into from
Nov 29, 2022
Merged

Clarify that Toolbx isn't a security mechanism #29

merged 2 commits into from
Nov 29, 2022

Conversation

debarshiray
Copy link
Member

Using the word containerized gives the false impression of heightened security. As if it's a mechanism to run untrusted software in a sandboxed environment without access to the user's private data (such as $HOME), hardware peripherals (such as cameras and microphones), etc.. That's not what Toolbx is for.

Toolbx aims to offer an interactive command line environment for development and troubleshooting the host operating system, without having to install software on the host. That's all. It makes no promise about security beyond what's already available on the usual command line environment on the host that everybody is familiar with.

containers/toolbox#1020

@debarshiray
Tweak the introductory text
c7afcb2 
Mention that Toolbx is meant for system administrators to troubleshoot
the host operating system.  The word 'debugging' is often used in the
context of software development, and hence most readers might not
interpret it as 'troubleshooting'.
@debarshiray
Clarify that Toolbx isn't a security mechanism
d54a2ea 
Using the word 'containerized' gives the false impression of heightened
security.  As if it's a mechanism to run untrusted software in a
sandboxed environment without access to the user's private data (such as
$HOME), hardware peripherals (such as cameras and microphones), etc..
That's not what Toolbx is for.

Toolbx aims to offer an interactive command line environment for
development and troubleshooting the host operating system, without
having to install software on the host.  That's all.  It makes no
promise about security beyond what's already available in the usual
command line environment on the host that everybody is familiar with.

containers/toolbox#1020
@debarshiray debarshiray merged commit d54a2ea into containers:main Nov 29, 2022
@debarshiray debarshiray deleted the wip/rishi/toolbox-issue-1020 branch November 29, 2022 17:01
@github-pages github-pages bot temporarily deployed to github-pages November 29, 2022 17:01 Inactive
@debarshiray debarshiray mentioned this pull request Nov 29, 2022
Closed
@abitrolly
Copy link

So what are alternatives to toobox that containers/ users can look into if they need to isolate their HOME and other parts of the system from project payload?

@abitrolly
Copy link

abitrolly commented Nov 29, 2022
edited
Loading

The change is very much needed. The GitHub project also needs a direct link to https://containertoolbx.org/ and the security note could be much more prominent.

EDIT: Sent PR #30 to get security note its own header.

@debarshiray
Copy link
Member Author

So what are alternatives to toobox that containers/ users can look into if they need to isolate their HOME and other parts of the system from project payload?

Override HOME? Apparently you can use tlbx.

See containers/toolbox#183

@abitrolly
Copy link

@debarshiray thanks. #183 is 26 pages long thread. The short notice in README/website would be sufficient.

@debarshiray
Copy link
Member Author

The GitHub project also needs a direct link to https://containertoolbx.org/

It already does. Twice - once at the top of the README.md and once in the sidebar on the right.

@abitrolly
Copy link

It already does. Twice - once at the top of the README.md and once in the sidebar on the right.

I mush be blind. Where?

image

@debarshiray
Copy link
Member Author

It already does. Twice - once at the top of the README.md and once in the sidebar on the right.

I mush be blind. Where?

Oh, sorry. I thought you meant containers/toolbox by the GitHub project.

I have now added a link to the website to containers/containertoolbx.org.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@debarshiray @abitrolly