I’m running my ide in a docker container. I can use the terminal to access anything in this container. So, the source code of my IDE is accessable as well.
I tried the gitpod(online version) of gitlab. And I can access its source code too:
My point is that the frontend and backend of theia are not as separated as traditional web applications: people use http requests to get data from browser and can’t access backend source code.
Terminal is not the only way to access my source code in the container. Users can also use
Open File to access the entire file system.
So, is there any way to prevent users from accessing the source code of my IDE such as using linux namespaces to limit the directories that users can access?