What's the attack surface of a git linux account that doesn't have a shell and c... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

jdvh on Feb 26, 2022 | parent | context | favorite | on: Gitlab Critical Security Release

What's the attack surface of a git linux account that doesn't have a shell and can only log on through ssh with a key from whitelisted IPs in a firewall? Compare that attack surface with that of a complicated web app like gitlab.

gmfawcett on Feb 26, 2022 [–]

Sure, but you could control access to the Web app, too? E.g. allow only certain VPN accounts to access it? There are lots of ways to manage attack surfaces.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact