When the container first authenticates it places the username and password for authentication into the console log which is then captured by Docker. I'm not sure how much of an issue this is as the user needs access to the docker log command to read it, it would however also be residing on the file system which, may be secured or not. I suppose if there's only one user on the machine it's moot but if there was more than one I have concerns. I don't think Docker itself has any access control system - i.e. if you can run docker log you can run it on any container.
harleylang
commented
2 years ago
When the container first authenticates it places the username and password for authentication into the console log which is then captured by Docker. I'm not sure how much of an issue this is as the user needs access to the
docker logcommand to read it, it would however also be residing on the file system which, may be secured or not. I suppose if there's only one user on the machine it's moot but if there was more than one I have concerns. I don't think Docker itself has any access control system - i.e. if you can rundocker logyou can run it on any container.