Jérôme Petazzoni, senior engineer at dotCloud, examined how Docker's security has progressed compared with other virtualization and container-like technologies in his recent blog post "CONTAINERS & DOCKER: HOW SECURE ARE THEY?". Jérôme makes a case for the techniques that secure Docker, even though they require sophisticated configuration, expert knowledge, and supporting technologies already available in Linux (e.g. SELinux).
Docker uses two primary Linux technologies to make containers possible: cgroups and namespaces. Jérôme acknowledged that Docker essentially provides the same capabilities as LXC and also carries the same security risks. Docker aligns with the principle of least privilege in the way it configures its containers as they start; however, Docker itself must run as root, and so must the root user of its containers. The Linux kernel is currently the limiting factor that requires root. This means that users should take care to protect the Docker daemon and access to its REST API. Jérôme states that things will improve:
"The end goal for Docker is therefore to implement two additional security improvements:
- map the root user of a container to a non-root user of the Docker host, to mitigate the effects of a container-to-host privilege escalation;
- allow the Docker daemon to run without root privileges, and delegate operations requiring those privileges to well-audited sub-processes, each with its own (very limited) scope: virtual network setup, filesystem management, etc."
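The first goal in the list above, mapping container root to a non-root host user, is what Linux user namespaces express in `/proc/<pid>/uid_map`, where each line reads "inside-start outside-start length". The following is an added example, not code from Jérôme's post or from Docker; the two sample maps and the 100000 base UID are constructed values.

```python
"""Translate container UIDs to host UIDs from a uid_map (constructed samples)."""

# Constructed samples in /proc/<pid>/uid_map format.
IDENTITY_MAP = "0 0 4294967295\n"   # no remap: container UIDs equal host UIDs
REMAPPED_MAP = "0 100000 65536\n"   # container 0..65535 -> host 100000..165535


def parse_uid_map(text):
    """Return a list of (inside_start, outside_start, length) extents."""
    extents = []
    for lineno, line in enumerate(text.splitlines(), 1):
        fields = line.split()
        if not fields:
            continue
        if len(fields) != 3:
            raise ValueError(f"line {lineno}: expected 3 fields, got {len(fields)}")
        inside, outside, length = (int(f) for f in fields)
        if inside < 0 or outside < 0 or length <= 0:
            raise ValueError(f"line {lineno}: invalid extent")
        extents.append((inside, outside, length))
    return extents


def host_uid(extents, container_uid):
    """Map a UID seen inside the namespace to the host UID, or None if unmapped."""
    for inside, outside, length in extents:
        if inside <= container_uid < inside + length:
            return outside + (container_uid - inside)
    return None


def container_root_is_host_root(text):
    """True when UID 0 inside the namespace is UID 0 on the host."""
    return host_uid(parse_uid_map(text), 0) == 0


if __name__ == "__main__":
    for name, sample in (("identity", IDENTITY_MAP), ("remapped", REMAPPED_MAP)):
        verdict = "host root" if container_root_is_host_root(sample) else "unprivileged"
        print(f"{name}: container root is {verdict} on the host")
    try:
        # On Linux, also report the mapping of the current process.
        with open("/proc/self/uid_map") as fh:
            print("this process: root maps to host uid", host_uid(parse_uid_map(fh.read()), 0))
    except OSError:
        pass
```

With the identity map, a process that escapes the container as UID 0 is root on the host; with the remapped extent it lands as host UID 100000, which is the mitigation the quoted goal describes.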
Community comments
Good summary, one typo
by John Doe,
Good summary. In the last sentence, you have a "there" that should be "their". -- Thanks!
Re: Good summary, one typo
by Aslan Brooke,
Thanks. Typo corrected as well.