Replies: 2 comments
-
|
If you set the env var, it means you are aware of the situation and the risks, and chose to ignore it. Alternatively if you only want to suppress the prompt but not the clobber, you can use --no-interaction / -n. |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
If you are already running as root, not clobbering sudo credentials does not make you more risky: scripts don't need to have any sudo credentials to gain root priviledges, as they already have it |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
So, you decided to add "Continue as root/super user [yes]?" and force me to press enter on that. Great, so, I decided to skim your code and ended up using
export COMPOSER_ALLOW_SUPERUSER=1... but now I realized this is actually causing me to be less secure, because it skips the "Silently clobber any sudo credentials" portions. So, if you truly care about security, maybe these should run in any case? ...and I'll also be glad to explain why I won't stop using Linux as root anytime soon. 🙃Beta Was this translation helpful? Give feedback.
All reactions