[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [atomic-devel] Screen in Atomic



On Tue, Apr 21, 2015 at 06:31:07PM -0400, Colin Walters wrote:
> [...]
> One thing I should emphasize though is that while you *can* run `screen`
> or `tmux` from inside a Docker container, it has many flaws, among them
> that a major point of the tool is to be able to run commands on the host
> - so you need to purely escape. [...]
>

Exactly. screen/tmux aren't on the same "slippery slope". Asking for screen/tmux isn't like asking for vim. It's a meta-feature for managing your containers themselves. 

In fact, adding screen or tmux would make using containers to extend functionality easier, so in the long run it makes it less likely for people to ask for other features/utilities. It decreases the angle of the slippery slope.

On extending the vulnerabilty surface: I certainly appreciate that adding tmux/screen is also adding potential CVE's. However, let's be real. If we were to prioritize feature addition by likelihood of security issues... Atomic wouldn't have Docker. :)

_Trevor

-- 
Sent from my Amiga 500.
(Trevor Jay) Red Hat Product Security
gpg-key: https://ssl.montrose.is/chat/gpg-key


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]