I've read (Running headless Chrome / Puppeteer with --no-sandbox) that --no-sandbox has security risks, but why? I am on Ubuntu 16.04 and node.js. I don't know what the setting does, so can someone explain.
I've read the short snippet from here: https://github.com/puppeteer/puppeteer/blob/main/docs/troubleshooting.md, but I still don't know what this sandbox is for. A page on the headless browser can't have security problems unless it finds a loophole and downloads files right?
question from:https://stackoverflow.com/questions/65661064/puppeteer-no-sandbox-security-risk
