You signed in with another tab or window.Reload to refresh your session.You signed out in another tab or window.Reload to refresh your session.You switched accounts on another tab or window.Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/tutorials/best-practices/security-best-practices.md
+4-2Lines changed: 4 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -84,12 +84,14 @@ A malicious workspace could reuse Coder cookies to call the API or interact with
84
84
export CODER_DISABLE_PATH_APPS=true
85
85
```
86
86
87
-
By default, Coder mitigates the impact of having path-based apps enabled, but we still recommend disabling it to prevent malicious workspaces accessing other workspaces owned by the same user or performing requests against the Coder API.
87
+
By default, Coder mitigates the impact of having path-based apps enabled, but we still recommend disabling it to prevent
88
+
malicious workspaces accessing other workspaces owned by the same user or performing requests against the Coder API.
88
89
89
90
If you do keep path-based apps enabled:
90
91
91
92
- Path-based apps cannot be shared with other users unless you start the Coder server with`--dangerous-allow-path-app-sharing`.
92
-
- Users with the site`owner` role cannot use their admin privileges to access path-based apps for workspace unless the server is started with`--dangerous-allow-path-app-site-owner-access`.
93
+
- Users with the site`owner` role cannot use their admin privileges to access path-based apps for workspace unless the
94
+
server is started with`--dangerous-allow-path-app-site-owner-access`.