Hacker News new | past | comments | ask | show | jobs | submit login

Maybe these services run the compilation in a docker container? shadow and lsb-release exist in many images.



Untrusted code execution in a Docker container is not exactly safe. Even if the runtime and container are optimally configured for security purposes (uncommon), container runtimes are not designed or particularly thoroughly evaluated for use as a security solution.


I found a lot of online services which would do LaTeX to PDF conversion, which were running in docker containers.

They would almost universally allow you to include files, and run commands on the host.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: