security risk
masukomi opened this issue · 1 comments
masukomi commented
In your app.yml it says:
sudo: ['ALL=(ALL) NOPASSWD:ALL']
If that is actually editing the sudoers file, then I think you've opened up a huge security hole, in that anyone can now become root without needing a password.
seven1m commented
I think it might be possible to reduce that. I’ll see what I can do.
To be clear though, a user would still need to log into the machine. The installer assumes you are not creating other users on your Digital Ocean VPS instance.
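An added example, not part of the thread or the project's code: a small audit check that parses a sudoers-style rule string such as the value quoted from app.yml and reports how much it grants. It assumes the value is a sudoers rule, as the issue suspects; the function names, severity labels and the two narrower sample rules are constructed for illustration.

```python
import re

# Assumed rule shape, taken from the quoted value: HOSTS=(RUNAS) [TAG:]COMMAND[, ...]
# Only the NOPASSWD and PASSWD tags are interpreted here.
RULE_RE = re.compile(r"^\s*[^=\s]+\s*=\s*(?:\((?P<runas>[^)]*)\)\s*)?(?P<cmds>.+?)\s*$")
TAG_RE = re.compile(r"^(NOPASSWD|PASSWD)\s*:\s*")


def parse_rule(rule):
    """Return (runas, [(command, passwordless), ...]) for one rule string."""
    m = RULE_RE.match(rule)
    if not m:
        raise ValueError(f"not a sudoers-style rule: {rule!r}")
    passwordless = False  # sudo prompts for a password unless NOPASSWD is set
    entries = []
    # A tag applies to its command and to those after it, until overridden.
    for item in m.group("cmds").split(","):
        item = item.strip()
        while (tag := TAG_RE.match(item)):
            passwordless = tag.group(1) == "NOPASSWD"
            item = item[tag.end():]
        if item:
            entries.append((item, passwordless))
    return (m.group("runas") or "root"), entries


def audit(rule):
    """Classify each command in the rule by how much it hands out."""
    runas, entries = parse_rule(rule)
    findings = []
    for command, passwordless in entries:
        if command == "ALL" and passwordless:
            findings.append(("high", f"any command as {runas}, no password"))
        elif passwordless:
            findings.append(("medium", f"no password, limited to: {command}"))
        elif command == "ALL":
            findings.append(("info", f"any command as {runas}, password required"))
    return findings


if __name__ == "__main__":
    samples = [
        "ALL=(ALL) NOPASSWD:ALL",                               # value quoted in the issue
        "ALL=(ALL) ALL",                                        # constructed: password kept
        "ALL=(root) NOPASSWD: /usr/bin/systemctl restart app",  # constructed: one command
    ]
    for rule in samples:
        print(rule, "->", audit(rule))
```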