by dijit 1302 days ago
It's controversial because there is definitely a contingent of people who really want to believe docker adds a realistic layer of security isolation.

But no credible security researcher, security engineer or even Docker the company itself has ever considered Docker the container runtime to be a security mechanism (well, outside of the fact it's leveraging kernel namespaces)[0].

There's also a lot of really bad security hygiene when it comes to running docker images even if they could be secure: Docker runs programs by default as root and this gives programs quite a lot of possibility to escape a container, many containers are used in CI (DinD) which exposes the host docker daemon, most containers are not run with `--cap-drop all` which drops capabilities from the kernel[1], I have never seen a container run with `--security-opt=no-new-privileges` which would prevent escalating privileges using `setuid` or `setgid` binaries (leading to the same issue as running everything as root), etc., etc., etc.

[0]: https://docs.docker.com/engine/security/

[1]: https://man7.org/linux/man-pages/man7/capabilities.7.html
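An added example, not part of dijit's comment: a small Python audit that checks the hygiene points above (root user, missing `--cap-drop all`, missing `no-new-privileges`, host docker socket mounted) against the JSON that `docker inspect` emits. The two inspect records are constructed for the example; field names follow the `docker inspect` schema.

```python
import json
import sys

# Constructed sample: the fields this audit reads, as they appear in the output
# of `docker inspect`. Container names and values are made up for this example.
SAMPLE_INSPECT = json.dumps([
    {"Name": "/ci-runner", "Config": {"User": ""},
     "HostConfig": {"Privileged": False, "CapDrop": [], "SecurityOpt": None,
                    "Binds": ["/var/run/docker.sock:/var/run/docker.sock"]}},
    {"Name": "/web", "Config": {"User": "10001:10001"},
     "HostConfig": {"Privileged": False, "CapDrop": ["ALL"],
                    "SecurityOpt": ["no-new-privileges"], "Binds": []}},
])


def audit_container(record):
    """Return the hygiene findings for one `docker inspect` record."""
    findings = []
    host = record.get("HostConfig") or {}
    # Config.User is "" when neither --user nor a USER in the image was set,
    # which means the process runs as uid 0.
    user = ((record.get("Config") or {}).get("User") or "").split(":")[0]
    if user in ("", "0", "root"):
        findings.append("runs as root (no --user / USER set)")
    if host.get("Privileged"):
        findings.append("--privileged")
    if "ALL" not in [c.upper() for c in host.get("CapDrop") or []]:
        findings.append("missing --cap-drop all")
    opts = host.get("SecurityOpt") or []
    if not any(o.startswith("no-new-privileges") and not o.endswith(":false") for o in opts):
        findings.append("missing --security-opt no-new-privileges")
    # Host docker socket bind-mounted into the container (the DinD/CI pattern).
    if any(b.split(":")[0].endswith("docker.sock") for b in host.get("Binds") or []):
        findings.append("host docker socket mounted")
    return findings


def audit(inspect_json):
    """Map container name -> findings for every record in `docker inspect` output."""
    return {r["Name"].lstrip("/"): audit_container(r) for r in json.loads(inspect_json)}


if __name__ == "__main__":
    # Real use: docker inspect $(docker ps -q) | python3 audit.py
    data = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_INSPECT
    for name, issues in audit(data).items():
        print(f"{name}: {', '.join(issues) if issues else 'OK'}")
```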


Thanks for pointing to these options; is there a list you can recommend of everything that should be done (hopefully updated regularly)? It is quite the arms race.