wbrawner/toolbox
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

README.md: Clarify that Toolbx isn't a security mechanism

Browse source 
Using the word 'containerized' gives the false impression of heightened
security.  As if it's a mechanism to run untrusted software in a
sandboxed environment without access to the user's private data (such as
$HOME), hardware peripherals (such as cameras and microphones), etc..
That's not what Toolbx is for.

Toolbx aims to offer an interactive command line environment for
development and troubleshooting the host operating system, without
having to install software on the host.  That's all.  It makes no
promise about security beyond what's already available in the usual
command line environment on the host that everybody is familiar with.

https://github.com/containers/toolbox/issues/1020
This commit is contained in:
Debarshi Ray 2022-11-29 15:32:52 +01:00
parent f5057d782e
commit d0fe8c45f7
1 changed files with 16 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
README.md
View file

@ -6,10 +6,16 @@
[![Arch Linux package](https://img.shields.io/archlinux/v/community/x86_64/toolbox)](https://www.archlinux.org/packages/community/x86_64/toolbox/)
[![Fedora package](https://img.shields.io/fedora/v/toolbox/rawhide)](https://src.fedoraproject.org/rpms/toolbox/)
[Toolbox](https://containertoolbx.org/) is a tool for Linux operating systems,
which allows the use of containerized command line environments. It is built
on top of [Podman](https://podman.io/) and other standard container
technologies from [OCI](https://opencontainers.org/).
[Toolbox](https://containertoolbx.org/) is a tool for Linux, which allows the
use of interactive command line environments for development and
troubleshooting the host operating system, without having to install software
on the host. It is built on top of [Podman](https://podman.io/) and other
standard container technologies from [OCI](https://opencontainers.org/).
Toolbox environments have seamless access to the user's home directory,
the Wayland and X11 sockets, networking (including Avahi), removable devices
(like USB sticks), systemd journal, SSH agent, D-Bus, ulimits, /dev and the
udev database, etc..
This is particularly useful on
[OSTree](https://ostree.readthedocs.io/en/latest/) based operating systems like
@ -31,11 +37,12 @@ incrementally adopt containerization.
The toolbox environment is based on an [OCI](https://www.opencontainers.org/)
image. On Fedora this is the `fedora-toolbox` image. This image is used to
create a toolbox container that seamlessly integrates with the rest of the
operating system by providing access to the user's home directory, the Wayland
and X11 sockets, networking (including Avahi), removable devices (like USB
sticks), systemd journal, SSH agent, D-Bus, ulimits, /dev and the udev
database, etc..
create a toolbox container that offers the interactive command line
environment.
Note that Toolbox makes no promise about security beyond what's already
available in the usual command line environment on the host that everybody is
familiar with.
## Installation & Use