Skip to content

Include paxtest in the image #3

New issue
New issue
Open
Open
Include paxtest in the image#3
@thedeadliestcatch

Description

@thedeadliestcatch
thedeadliestcatch
opened on Apr 13, 2024

Hi,

It would be convenient to have paxtest included in the image:

FROM ${DOCKER_IMAGE:-archivebox/archivebox:master}

RUN apt-get update && apt-get install -y \
    paxctl && rm -rf /var/lib/apt/lists/*

RUN paxctl -cm /usr/bin/node

When running node applications in hardened environments (or building them in such environments) 'node' needs to be able to create memory mappings for JIT. It's a security trade-off, thus you can likely skip adding the paxctl step. This will make it easier to build/adjust the images in network-restricted environments.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions