7 Mar 2024 |
edef | it's just a textbox | 01:07:43 |
raitobezarius | is it safe to expose? | 01:07:44 |
raitobezarius | publicly I mean | 01:07:52 |
edef | if you set the auth and confine CH properly, kinda? | 01:08:13 |
edef | it's a pile of C++ and i have segfaulted it before | 01:08:21 |
raitobezarius | well, seccomp should reasonably prevent bad things from happening | 01:08:34 |
raitobezarius | mmmmm | 01:08:37 |
raitobezarius | i may be tempted to run this | 01:08:40 |
edef | but give it a read-only dataset and seccomp it, and it should be fine | 01:08:44 |
edef | you probably want to leave the query caches on, so don't wipe it for every request | 01:08:56 |
edef | but wipe it every 24h or something and it shouldn't get too nasty, i think | 01:09:15 |
edef | or every hour, doesn't really matter | 01:09:28 |
raitobezarius | clickhouse-gc.service | 01:09:37 |
edef | your biggest concern is like, someone hogging your CPU | 01:09:37 |
raitobezarius | cgroups for that | 01:09:42 |
edef | since it does arbitrary computation | 01:09:44 |
edef | dunno what odds i'd take bets on ClickHouse RCEs for but they're not as huge as you'd like | 01:10:53 |
edef | dunno how well it responds to seccomping | 01:11:45 |
edef | it has explicit mechanisms for running arbitrary subprocesses iirc but i don't know what the defaults on that are | 01:12:29 |
raitobezarius | .o O(cgroup slice per web session) | 01:12:44 |
edef | whatever faith you place in local code exec ≠ local root is your call :p | 01:13:38 |
raitobezarius | :> | 01:13:47 |
edef | (but i'd be short that assertion) | 01:13:51 |
raitobezarius | this is a builder machine so i can reimage anytime | 01:14:13 |
raitobezarius | * this is a builder machine so i can reimage it anytime | 01:14:15 |
edef | good, and i hope you are doing that on a regular basis | 01:14:29 |
raitobezarius | obviously not | 01:14:41 |
edef | 😭 | 01:14:46 |
raitobezarius | someday i will sit down and do proper netboot-based stuff for this | 01:14:57 |
edef | excellent | 01:15:08 |