by jdleesmiller 3714 days ago
(Author here.) So far as I can tell, it's not that there are known, specific things that one can do to break out of a Docker container as root; it's just that the space of possible things you can do is larger, so there is more surface area for you to attack. So, following the principle of least privilege [1], you should avoid running as root, if you reasonably can, and in most cases it's not that hard to do.

[1] https://en.wikipedia.org/wiki/Principle_of_least_privilege