You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Apr 14, 2021. It is now read-only.
We are currently running into this issue as well. We're trying to setup a read-only, immutable docker container to run our application inside of for our CI and Production environments (We do mount a tmpfs volume at /tmp for any temporary files such as pid files.)
We run our bundle install command in the Dockerfile (before we make our filesystem readonly), however the code path mentioned by @bibendi is hit anytime the bundle command is run and there doesn't appear to be any environment variable available to prevent bundler from checking that the user's home directory is writeable. From there it will show the warning message and create the tmp directory at /tmp/bundler/home/#{user} even though it never uses it.
$ bundle config
`/home/testuser` is not writable.
Bundler will use `/tmp/bundler/home/testuser' as your home directory temporarily.
Settings are listed in order of priority. The top value will be used.
silence_root_warning
Set via BUNDLE_SILENCE_ROOT_WARNING: true
app_config
Set via BUNDLE_APP_CONFIG: "/tmp/bundler"
bin
Set via BUNDLE_BIN: "/usr/local/bundle/bin"
path
Set via BUNDLE_PATH: "/usr/local/bundle"
gemfile
Set via BUNDLE_GEMFILE: "/home/testuser/Gemfile"
Our admins say that having a user_home for writing is not safe.
One of many examples: http://legalhackers.com/advisories/Wget-Arbitrary-File-Upload-Vulnerability-Exploit.txt
An approximate solution to the problem bibendi@a8630e7
Or if the current use of the temporary folder is the solution, then how to get rid of this message
The text was updated successfully, but these errors were encountered: