• @residentmarchant
    link
    English
    2341 year ago

    There’s no way the model has access to that information, though.

    Google’s important product must have proper scoped secret management, not just environment variables or similar.

    • @nomecks
      link
      1111 year ago

      There’s no root login. It’s all containers.

      • @residentmarchant
        link
        English
        131 year ago

        The containers still run an OS, have proprietary application code on them, and have memory that probably contains other user’s data in it. Not saying it’s likely, but containers don’t really fix much in the way of gaining privileged access to steal information.

      • @Venat0r
        link
        91 year ago

        The containers will have a root login, but the ssh port won’t be open.

        • @[email protected]
          link
          fedilink
          41 year ago

          I doubt they even have a root user. Just whatever system packagea are required baked into the image

        • @[email protected]
          link
          fedilink
          21 year ago

          Containers can be entirely without anything. Some containers only contain the binary that gets executed. But many containers do contain pretty much a full distribution, but I have yet to see a container with a password hash in its /etc/shadow file…

          So while the container has a root account, it doesn’t have any login at all, no password, no ssh key, nothing.

    • @SpaceNoodle
      link
      71 year ago

      It does if they uploaded it to github

      • @residentmarchant
        link
        English
        61 year ago

        In that case, it’ll steal someone else’s secrets!

    • @Ziglin
      link
      11 year ago

      But you could get it to convince the admin to give you the password, without you having to do anything yourself.