File tree Expand file tree Collapse file tree 1 file changed +3
-3
lines changed
docs/tutorials/best-practices Expand file tree Collapse file tree 1 file changed +3
-3
lines changed Original file line number Diff line number Diff line change @@ -72,8 +72,8 @@ vulnerable.
7272Coder session tokens and API keys are salted and hashed, so a read-only
7373compromise of the database is unlikely to allow an attacker to log into Coder.
7474However, the database contains the Terraform state for all workspaces, OIDC
75- tokens, and agent tokens, so it is possibile that a read-only attack could
76- enable lateral movement to other systems.
75+ tokens, and agent tokens, so it is possible that a read-only attack could enable
76+ lateral movement to other systems.
7777
7878A successful attack that modifies database state could be escalated to a full
7979takeover of an owner account in Coder which could lead to a complete compromise
@@ -361,7 +361,7 @@ clusters/clouds designated by Coder’s operators (like platform or developer
361361experience teams). End users are granted shell access and from there can execute
362362arbitrary commands.
363363
364- This means that end users have remote code execution priviledges within the
364+ This means that end users have remote code execution privileges within the
365365clusters/clouds that host Coder workspaces.
366366
367367It is important to limit Coder users to trusted insiders and/or take steps to
You can’t perform that action at this time.
0 commit comments