On Mon, Jun 26, 2023 at 2:11 AM Sergey Bugaev <buga...@gmail.com> wrote: > The user already has full access to our task, and the same kind of > access to the file system image (if any) as our task does, we're not > buying any additional security by disallowing them access.
This is not necessarily true considering multi-UID. We'd need to check that the user has *all* of the UIDs that our task has. This is why you don't commit at 2 AM :D Sergey
