dvm runs insecure by default

fnichol / dvm

An on demand Docker virtual machine, thanks to Vagrant and boot2docker. Works great on Macs and other platforms that don't natively support the Docker daemon. Support VirtualBox, VMware, and Parallels.

http://fnichol.github.io/dvm

Apache License 2.0

458 stars 71 forks source link

dvm runs insecure by default #40

Open dlitz opened 10 years ago

dlitz commented 10 years ago

When dvm starts boot2docker, it enables port forwarding on the host, which makes the docker VM immediately available for anyone in the world to control, if they can connect to ports 2020 or 4243 on the host. (Docker itself requires no authentication, and SSH works with a default username and password of docker and tcuser.)

(Using VMware Fusion.)

fnichol commented 10 years ago

I've managed to close the Docker socket port forwarding and will now look at the SSH one. At the very least, some mention of running a reasonable firewall on your workstation may be warrented in the readme--that was my implicit expectation anyway :smile: