Graham Dumpleton

The ``docker-stacks`` images don't have all the changes I would like to see, but based on reactions have got, I doubt that will ever be able to get the last...

If these images were only ever used as is there would be no issue changing. The problem is the effect on people who are creating derived images. You can’t assume...

Arrgggh. Totally forgot that issue was raised around use of ``su``. With that PR closed and work moved to another, that probably didn't get discussed further as well as it...

Not sure yet what issues this may cause with existing functionality in the image which uses ``su`` and ``sudo``, but you could restrict use of ``su`` to users in the...

You would though have to also rollback the change made to make ``/etc/group`` writable as if left that way someone could add themselves to group ``wheel`` anyway. The addition of...

As per comments on https://github.com/jupyter/docker-stacks/pull/653 it seems that what can do to lock down ability to run ``su`` is the following. * Remove group ``root`` write access to ``/etc/group`` that...

I have reworked my withdrawn PR and create a new one at https://github.com/jupyter/docker-stacks/pull/654 to lock down in what circumstances ``su`` can be executed.

If someone already has the ability to override the startup command and supply ``--user 1234:0``, then they could just as easily run the container as user ``root`` by doing ``--user...

Or BlueJeans or phone since you appear to live in the same city. :-) For email you can get me at: [email protected]

So what I understand is that you are saying my workaround to make it work is actually the bug and when that bug is fixed I will not be able...