Commit d3e4d7d4 authored by Daan Sprenkels's avatar Daan Sprenkels

readme: Add a note about sandbox security; NFC

parent 5f43c291
Pipeline #46329 passed with stage
in 2 minutes and 55 seconds
......@@ -26,6 +26,17 @@ cargo uninstall maruska
Cargo currently has no support for "regular" upgrading of installed packages.
You can force a reinstall, however, using:
## Security
A user running maruska can request the help screen. `man` will use the system
preferred pager program (set by `$PAGER` and `$MANPAGER`). If this is set to
`less`, the user can execute any command by default.
If you intend to sandbox this program, to allow usage for anonymous users, make
sure that you _completely_ sandbox the process tree and file system. The user
can run arbitrary code through the maruska process, and maruska is not designed
to provide any security to prevent this.
cargo install --force --git
\ No newline at end of file
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment