nodejs/nodebestpractices
1
0
Fork 0
mirror of https://github.com/goldbergyoni/nodebestpractices.git synced 2025-11-02 19:18:34 +08:00
Code Issues Packages Projects Releases Wiki Activity

docs: Change 'his' to gender neutral term 'their'

Browse Source
This commit is contained in:
Benjamin Forster
2021-11-11 13:22:44 +11:00
committed by GitHub
parent 6f6acbccb7
commit 4ad417937a
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -919,7 +919,7 @@ Also known as correlation id / transit id / tracing id / request id / request co
**TL;DR:** There is a common scenario where Node.js runs as a root user with unlimited permissions. For example, this is the default behaviour in Docker containers. It's recommended to create a non-root user and either bake it into the Docker image (examples given below) or run the process on this user's behalf by invoking the container with the flag "-u username" **TL;DR:** There is a common scenario where Node.js runs as a root user with unlimited permissions. For example, this is the default behaviour in Docker containers. It's recommended to create a non-root user and either bake it into the Docker image (examples given below) or run the process on this user's behalf by invoking the container with the flag "-u username"
**Otherwise:** An attacker who manages to run a script on the server gets unlimited power over the local machine (e.g. change iptable and re-route traffic to his server) **Otherwise:** An attacker who manages to run a script on the server gets unlimited power over the local machine (e.g. change iptable and re-route traffic to their server)
🔗 [**Read More: Run Node.js as non-root user**](./sections/security/non-root-user.md) 🔗 [**Read More: Run Node.js as non-root user**](./sections/security/non-root-user.md)