mirror/archivebox
1
0
Fork 0
mirror of https://github.com/pirate/ArchiveBox.git synced 2025-08-24 15:13:03 +02:00
Code Issues Releases Wiki Activity

Updated Security Overview (markdown)

Nick Sweeting
2023-12-17 15:37:15 -08:00
parent f4302e172f
commit 024a84456a
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
Security-Overview.md

@@ -42,6 +42,12 @@ If you're importing private links or authenticated content, you probably don't w
<img src="https://i.imgur.com/yDqJc4I.jpg" width="150px" align="right">
> [!TIP]
> Make sure you run Docker commands with `run` instead of `exec` or you'll get a warning! e.g.
> ✅ `docker compose run archivebox manage create superuser`
> *instead of:*
> ❌ `docker compose exec archivebox manage create superuser`
Do not run ArchiveBox as root for a number of reasons:
- Chrome will execute as root and fail immediately because Chrome sandboxing is pointless when the data directory is opened as root (do not set `CHROME_SANDBOX=False` just to bypass that error!)
- All dependencies will be run as root, if any of them have a vulnerability that's exploited by sites you're archiving you're opening yourself up to full system compromise