You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Does anyone run into the situation where we need to conform to security policy regarding "runAsNode" CVE?
If we follow the mitigation, which means disabling runAsNode fuse, but accepting this drawback:
Please note that if this fuse is disabled, then process.fork in the main process will not function as expected as it depends on this environment variable to function.
then node-pty won't work as expected in some cases, e.g calling .kill() on Windows. This has fork API call under the hood.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hey there 👋
Does anyone run into the situation where we need to conform to security policy regarding "runAsNode" CVE?
If we follow the mitigation, which means disabling
runAsNodefuse, but accepting this drawback:then
node-ptywon't work as expected in some cases, e.g calling .kill() on Windows. This hasforkAPI call under the hood.Does anyone have a clue on this? TIA
Beta Was this translation helpful? Give feedback.
All reactions