This is an enhancement to increase security in case somebody can exploit SSHD or segfaultsh:
Have a separate container where the sf-scheduler runs. It listens on a socket.
Let SSHD drop into a dummy program that connects to the socket and forwards the SECRET to the sf-scheduler.
SSHD connects stdin/stdout etc.
The scheduler starts the user container.
This way any vulnerability in sshd or segfaultsh would not allow an attacker to gain root on the host via docker.socket, because only the scheduler container can reach it.
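The handshake described above, as an added example that is not part of the original issue or the segfault project's code. The dummy program on the SSHD side holds no docker socket at all: it connects to the scheduler, sends the SECRET and hands over its stdin/stdout file descriptors; the scheduler does a constant-time check of the secret and only then acts on the caller's behalf. The JSON message shape, the name scheduler_serve_one and the use of a socketpair instead of a real Unix socket path are assumptions made for the demo (Python 3.9+, Unix only).

```python
import os
import hmac
import json
import socket
import threading

# Constructed secret for the demo; in the real design the SECRET is whatever
# segfaultsh already hands to the container start path.
EXPECTED_SECRET = "demo-secret-0123"


def build_request(secret, stdin_fd, stdout_fd):
    """What the dummy program sends: one JSON line plus the caller's stdio fds."""
    payload = json.dumps({"secret": secret}).encode() + b"\n"
    return payload, [stdin_fd, stdout_fd]


def check_secret(payload, expected):
    """Constant-time comparison; the scheduler trusts nothing else from the client."""
    try:
        presented = json.loads(payload.decode().strip()).get("secret", "")
    except (ValueError, AttributeError):
        return False
    return isinstance(presented, str) and hmac.compare_digest(
        presented.encode(), expected.encode())


def scheduler_serve_one(conn, expected):
    """Scheduler side (hypothetical): verify the SECRET, then use the received fds."""
    msg, fds, _flags, _addr = socket.recv_fds(conn, 4096, 2)
    try:
        if not check_secret(msg, expected):
            conn.sendall(b"DENY\n")
            return "DENY"
        # Here the real scheduler would start the user container and attach it
        # to the received stdin/stdout; the demo just writes to the stdout fd.
        os.write(fds[1], b"container-started\n")
        conn.sendall(b"OK\n")
        return "OK"
    finally:
        for fd in fds:
            os.close(fd)


def run_demo(secret):
    """Run one exchange over a socketpair; returns (verdict, bytes the user would see)."""
    srv, cli = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
    stdin_r, stdin_w = os.pipe()      # stands in for the SSH session's stdin
    stdout_r, stdout_w = os.pipe()    # stands in for the SSH session's stdout
    result = {}
    t = threading.Thread(
        target=lambda: result.__setitem__("v", scheduler_serve_one(srv, EXPECTED_SECRET)))
    t.start()
    payload, fds = build_request(secret, stdin_r, stdout_w)
    socket.send_fds(cli, [payload], fds)   # dummy program: secret + its stdio fds
    reply = cli.recv(16)
    t.join()
    os.close(stdin_r)
    os.close(stdin_w)
    os.close(stdout_w)
    seen = os.read(stdout_r, 64) if reply.startswith(b"OK") else b""
    os.close(stdout_r)
    srv.close()
    cli.close()
    return result["v"], seen


if __name__ == "__main__":
    print(run_demo(EXPECTED_SECRET))   # ('OK', b'container-started\n')
    print(run_demo("wrong-secret"))    # ('DENY', b'')
```

The point of the split is the privilege boundary: even a full compromise of the SSHD-side process yields a client that can only present a secret and some file descriptors, never a handle on the docker socket.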
Thanks to mochaaP for a great discussion.
The best solution would be to implement a docker-docker firewall that intercepts any commands on the docker socket (regex) and only allows certain commands.
It's easily done but needs manpower to write the code. (I guess it can be done in 120 lines of python.)
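An added sketch of that docker-socket firewall, not code from the issue or the project: a proxy that listens on its own Unix socket, parses the HTTP request line of each incoming Docker API call, matches method and path against a regex allow-list, and only then forwards the connection to the real docker socket. The allow-list entries (create, start/stop/kill/wait, list, ping), the socket paths and the function names are assumptions chosen for the demo; the real list would be whatever sf-scheduler actually needs.

```python
import re
import socket
import threading

# Allow-list of (HTTP method, path regex). Docker API paths may carry a
# version prefix such as /v1.41. Container names/IDs must start with an
# alphanumeric, which also rejects ".." segments.
_VER = r"(?:/v[0-9.]+)?"
_NAME = r"[A-Za-z0-9_][A-Za-z0-9_.-]*"
ALLOW_RULES = [
    ("POST", re.compile(_VER + r"/containers/create")),
    ("POST", re.compile(_VER + r"/containers/" + _NAME + r"/(start|stop|kill|wait)")),
    ("GET", re.compile(_VER + r"/containers/json")),
    ("GET", re.compile(_VER + r"/_ping")),
]


def parse_request_line(head):
    """Return (METHOD, path) from an HTTP request head, or None if malformed."""
    try:
        line = head.split(b"\r\n", 1)[0].decode("ascii")
        method, target, version = line.split(" ")
    except (UnicodeDecodeError, ValueError):
        return None
    if not version.startswith("HTTP/"):
        return None
    return method.upper(), target.split("?", 1)[0]   # drop the query string


def is_allowed(method, path):
    return any(m == method and rx.fullmatch(path) for m, rx in ALLOW_RULES)


def decide(head):
    """Default deny: anything unparseable or not on the list is refused."""
    parsed = parse_request_line(head)
    return parsed is not None and is_allowed(*parsed)


def _read_head(conn):
    buf = b""
    while b"\r\n\r\n" not in buf and len(buf) < 65536:
        chunk = conn.recv(4096)
        if not chunk:
            break
        buf += chunk
    return buf


def _pump(src, dst):
    """Copy bytes one way until EOF, then half-close the destination."""
    try:
        while True:
            data = src.recv(65536)
            if not data:
                break
            dst.sendall(data)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass


def handle_client(client, upstream_path):
    head = _read_head(client)
    if not decide(head):
        client.sendall(b"HTTP/1.1 403 Forbidden\r\nContent-Length: 0\r\n"
                       b"Connection: close\r\n\r\n")
        client.close()
        return
    upstream = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    upstream.connect(upstream_path)
    upstream.sendall(head)   # head plus any body bytes already read
    threading.Thread(target=_pump, args=(upstream, client), daemon=True).start()
    _pump(client, upstream)


def serve(listen_path="/run/docker-fw.sock", upstream_path="/var/run/docker.sock"):
    """Hypothetical entry point: run the filter in front of the real docker socket."""
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    srv.bind(listen_path)
    srv.listen(16)
    while True:
        client, _ = srv.accept()
        threading.Thread(target=handle_client, args=(client, upstream_path),
                         daemon=True).start()


if __name__ == "__main__":
    serve()
```

Two caveats a deployment would have to close: the filter inspects only the first request on each connection, so a client that pipelines a second request over a kept-alive connection bypasses it (parse every request, or force one request per connection), and a regex on the path says nothing about the body, so a container create that asks for HostConfig.Privileged or a bind mount of / still passes unless the JSON body is checked too.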