How do i you decide whats safe to run

I recently ran Gossa on my home server using Docker, mounting it to a folder. Since I used rootless Docker, I was curious - if Gossa were to be a virus, would I have been infected? Have any of you had experience with Gossa?

  • just_another_person@lemmy.world
    link
    fedilink
    English
    arrow-up
    8
    ·
    5 months ago

    This is not true. Perhaps on an already at-risk or exploitable machine, but even then it’s not trivial, and this is not a widespread thing that happens everywhere all the time

    • kevincox@lemmy.ml
      link
      fedilink
      English
      arrow-up
      8
      ·
      5 months ago

      It is. Privilege escalation vulnerabilities are common. There is basically a 100% chance of unpatched container escapes in the Linux kernel. Some of these are very likely privately known and available for sale. So even if you are fully patched a resourceful attacker will escape the container.

      That being said if you are a low-value regular-joe patching regularly, the risk is relatively low.