Adjust su-exec references, especially to note the severe years-long…

… issue with 0.3
tianon · Jun 3, 2024 · 6828632 · 6828632
1 parent 2189d77
commit 6828632
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 6 deletions.
diff --git a/INSTALL.md b/INSTALL.md
@@ -50,8 +50,6 @@ RUN set -eux; \
 
 ## `FROM alpine` (3.7+)
 
-**Note:** when using Alpine, it's probably also worth checking out [`su-exec`](https://github.com/ncopa/su-exec) (`apk add --no-cache su-exec`) instead, which since version 0.2 is fully `gosu`-compatible in a fraction of the file size.
-
 ```dockerfile
 ENV GOSU_VERSION 1.17
 RUN set -eux; \

diff --git a/README.md b/README.md
@@ -58,10 +58,6 @@ If you're curious about the edge cases that `gosu` handles, see [`Dockerfile.tes
 
 ## Alternatives
 
-### `su-exec`
-
-As mentioned in `INSTALL.md`, [`su-exec`](https://github.com/ncopa/su-exec) is a very minimal re-write of `gosu` in C, making for a much smaller binary, and is available in the `main` Alpine package repository.
-
 ### `chroot`
 
 With the `--userspec` flag, `chroot` can provide similar benefits/behavior:
@@ -82,6 +78,10 @@ USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
 nobody 1 5.0 0.0 9592 1252 pts/0 RNs+ 23:21 0:00 ps faux
 ```
 
+### `su-exec`
+
+In the Alpine Linux ecosystem, [`su-exec`](https://github.com/ncopa/su-exec) is a minimal re-write of `gosu` in C, making for a much smaller binary, and is available in the `main` Alpine package repository. However, as of version 0.3 it has [a pretty severe parser bug](https://github.com/ncopa/su-exec/pull/26) that hasn't been in a release for many years (and which the buggy behavior is that typos lead to running code as root unexpectedly 😬).
+
 ### Others
 
 I'm not terribly familiar with them, but a few other alternatives I'm aware of include: