You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
fix(security): remove host /proc mount from chroot mode
Host /proc exposes sensitive information including environment variables
of all host processes (which may contain secrets like API keys). This is
an unnecessary security risk since most language runtimes work without
/proc access.
- Remove /proc:/host/proc:ro mount from chroot mode
- Update tests to assert /proc is NOT mounted
- Update documentation to remove /proc references
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
0 commit comments