Closed atomotic closed 8 years ago
ikreymer
commented
9 years ago Ah, thanks for this.. I wonder if there is a way around this.. With Swarm, I am not exposing this socket, but the swarm socket, although it seems that the risks would be similar.. I guess the risk is volume mounting specifically..
atomotic
commented
9 years ago maybe this https://github.com/jpetazzo/dind or using http endpoint and not the socket (not sure if is still available in docker or is a deprecated feature). i'll investigate a bit further
ikreymer
commented
8 years ago Hm, thinking about this more, I don't really think this as much a concern, as the socket is exposed to the application container (netcapsule/app), not the individual browser containers.. So, yes, if an attacker gains access to the application container, that would be an issue.. But, that's no different than if an attacker gains access to the host machine itself.. The individual browser containers, which is what is served over vnc, do not have access to the socket and can not spawn new containers..
i suggest to add a disclaimer to the README specifying potential security issues in running netcapsule on public machines: exposing the docker socket could lead to obtain root privileges
http://image.slidesharecdn.com/opscon-devooops-151015101501-lva1-app6892/95/road-to-opscon-pisa-15-devooops-54-638.jpg?cb=1444905494