
I had a look at it and it seemed interesting, but then I spotted the `-v /var/run/docker.sock:/var/run/docker.sock`.


In case anyone's wondering, that gives the container root-level access to the host's Docker daemon. A big potential security hole.
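An added example, not part of the thread: a check that finds containers with the Docker socket bind-mounted, so the exposure described above can be audited on a host. It reads JSON in the shape of `docker inspect` output; the sample data and container names are constructed, and the socket is assumed to sit at its default path.

```python
import json

# Default host locations of the Docker daemon socket (/var/run is usually a
# symlink to /run). Assumption: the daemon listens on a default path.
SOCKET_PATHS = ("/var/run/docker.sock", "/run/docker.sock")

# Constructed sample shaped like `docker inspect` output (names are made up).
SAMPLE_INSPECT = json.dumps([
    {"Name": "/scheduler", "Mounts": [
        {"Type": "bind", "Source": "/var/run/docker.sock",
         "Destination": "/var/run/docker.sock", "RW": True}]},
    {"Name": "/monitor", "Mounts": [
        {"Type": "bind", "Source": "/run/docker.sock",
         "Destination": "/docker.sock", "RW": False}]},
    {"Name": "/agent", "Mounts": [
        {"Type": "bind", "Source": "/var/run",
         "Destination": "/host/run", "RW": True}]},
    {"Name": "/web", "Mounts": [
        {"Type": "bind", "Source": "/srv/data",
         "Destination": "/data", "RW": True},
        {"Type": "volume", "Source": "/var/lib/docker/volumes/cache/_data",
         "Destination": "/cache", "RW": True}]},
])


def exposes_socket(source):
    """True if a bind of `source` makes the daemon socket reachable."""
    if not source:
        return False
    # Match the socket itself or any parent directory that contains it.
    prefix = source.rstrip("/") + "/"
    return any(s == source or s.startswith(prefix) for s in SOCKET_PATHS)


def socket_mounts(inspect_json):
    """Return (container, host source, container path, mode) per exposure."""
    findings = []
    for container in json.loads(inspect_json):
        name = container.get("Name", "").lstrip("/")
        for mount in container.get("Mounts") or []:
            if mount.get("Type") == "bind" and exposes_socket(mount.get("Source", "")):
                # A read-only bind is reported too: "ro" does not stop a
                # process from connecting to the socket and using the API.
                mode = "rw" if mount.get("RW") else "ro"
                findings.append((name, mount["Source"], mount["Destination"], mode))
    return findings


if __name__ == "__main__":
    for name, src, dst, mode in socket_mounts(SAMPLE_INSPECT):
        print(f"{name}: {src} -> {dst} ({mode}) exposes the Docker daemon")
```

On a live host the same function can be fed the JSON that `docker inspect` prints for the running container IDs.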


It's also just generally wrong to build a scheduler on top of the Docker API. We have CRI for a reason, because everyone knows Docker is not going to be around forever. Certainly not the company. Maybe dockerd.



