Yes I think they are mentioning the same security problem we are having with our jenkins slaves. Any user could run arbitrary code and install a rootkit. Hence the separation towards restricted slaves.
So from that point of view, I don't consider the github actions self runner any less secure than our jenkins slaves. But of course still insecure. -- You are receiving this because you were mentioned. Reply to this email directly or view it on GitHub: https://github.com/apache/incubator-mxnet/issues/17783#issuecomment-750381129
