Of course, in Repl.it, we do not have sudo or the ability to change to a superuser through su. Since apt requires root privileges, we must use install-pkg instead. Though, it seems that install-pkg does not have full root privileges as it does not seem to be able to write to the /usr/share/ directory when trying to install open-cobol to run COBOL in Repl.it.
Is it possible to give full root privileges to install-pkg? If so, how do you do it.
Also, I have another question with this: Since Repl.it uses only local file systems for the Ubuntu VMs on which almost every repl runs, why are root privileges denied to replitors? If we had root privileges in repls, we could also use apt, dpkg, etc. and could do so much more with Repl.it, but we can't do it because we don't have sudo or a password for su.
@AmazingMech2418 repls are Docker containers, not whole VMs. This is how we’re able to give everyone so many resources for free and give even more resources to Hackers in exchange for just a few dollars a month.
We take a layered approach to security, and one important part is to grant fewer privileges to untrusted code. There have been exploits where root inside a container can be used to obtain root on the host.
There’s probably a way to install OpenCOBOL/GnuCOBOL from source without root inside of your repl if you’re up for giving that a try. Also, our base Docker image that we run repls on top of is open source, so you could try installing it there and opening a PR! https://github.com/replit/polygott
How to Give Root Privileges to install-pkg
Of course, in Repl.it, we do not have
sudo
or the ability to change to a superuser throughsu
. Since apt requires root privileges, we must useinstall-pkg
instead. Though, it seems thatinstall-pkg
does not have full root privileges as it does not seem to be able to write to the/usr/share/
directory when trying to installopen-cobol
to run COBOL in Repl.it.Is it possible to give full root privileges to
install-pkg
? If so, how do you do it.Also, I have another question with this: Since Repl.it uses only local file systems for the Ubuntu VMs on which almost every repl runs, why are root privileges denied to replitors? If we had root privileges in repls, we could also use apt, dpkg, etc. and could do so much more with Repl.it, but we can't do it because we don't have
@amasad , could you explain this?sudo
or a password forsu
.We take a layered approach to security, and one important part is to grant fewer privileges to untrusted code. There have been exploits where root inside a container can be used to obtain root on the host.
There’s probably a way to install OpenCOBOL/GnuCOBOL from source without root inside of your repl if you’re up for giving that a try. Also, our base Docker image that we run repls on top of is open source, so you could try installing it there and opening a PR! https://github.com/replit/polygott