almost to an alpha
This commit is contained in:
16
bin/prodserver
Executable file
16
bin/prodserver
Executable file
@@ -0,0 +1,16 @@
|
||||
#!/bin/bash
|
||||
|
||||
# NOTE!
|
||||
# when you mount the docker socket into the docker container
|
||||
# this is equivalent to giving it root on the outside host.
|
||||
# the jobs run via this tool should not be able to exploit this,
|
||||
# but it's possible that they can, so don't assume that jobs execute
|
||||
# in an isolated security context.
|
||||
|
||||
docker run \
|
||||
--name strpcd \
|
||||
-v /var/run/docker.sock:/var/run/docker.sock \
|
||||
-v /storage/strpc:/rpc \
|
||||
--restart always \
|
||||
-d \
|
||||
sneak/strpcd
|
||||
Reference in New Issue
Block a user