Gitpod: Root Accessibility Release Date?

Hi @TheParadoxTheory, thanks a lot for your feedback! 🙂

We don't have a date yet for sudo / root support, but that's tracked in issue #39 (please subscribe to it to get notified when we start supporting that).

The problem is that giving users sudo rights in containers increases the attack surface, while we want to protect users from each others on our servers. Docker and Kubernetes are working hard toward separating sudo rights into categories that can be enabled separately ("capabilities"), so it should become "safe enough" at some point, but just to be safe, we're waiting for some sort of official signal from the Docker/Kubernetes community that now it's ok to give sudoer-rights.

FYI, there are a few exploits here and there that use sudoer rights to "escape" from a container onto a host, but they're getting more and more rare, and are considered as severe bugs by Kubernetes/Docker/Linux developers. I personally think all the recent exploits use the cap_sys_admin capability, which is the most dangerous one, so you can give sudo access without it and be pretty safe.

As for the "run dockerfile" button, that's another excellent suggestion, that could be part of #726 (I think Sven suggests a similar idea, but using Snapshots).

Ah I see, I will still use the dockerfile for now

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

Closing as duplicate of https://github.com/gitpod-io/gitpod/issues/39 which is currently being implemented in Gitpod.

Also, FYI, we're doing a YouTube livestream about this feature: https://www.youtube.com/watch?v=l4I2TVAnBuw (starts in about ~2.5 hours)