Meta tags:
description= Review of the Docker Daemon attack surface;
keywords= Docker,Docker,documentation,security;
Headings (most frequently used words):
docker, kernel, security, engine, namespaces, control, groups, daemon, attack, surface, linux, capabilities, content, trust, signature, verification, other, features, conclusions, related, information, what, can, help, you, with,
Text of the page (most frequently used words):
docker (142), the (109), and (82), with (47), container (38), use (34), #engine (34), security (32), for (32), containers (31), you (31), driver (31), image (26), this (25), can (25), swarm (24), your (24), daemon (23), that (23), are (22), build (21), kernel (19), network (19), access (18), capabilities (17), run (17), manage (17), images (16), logging (15), compose (15), root (14), release (14), features (13), content (13), trust (13), host (13), they (13), from (13), storage (13), namespaces (12), cli (12), create (12), how (12), all (11), service (11), control (11), more (11), configuration (11), faqs (11), notes (11), scout (11), cache (11), settings (10), other (10), mode (10), user (10), management (10), usage (10), information (9), linux (9), processes (9), also (9), like (9), file (9), when (9), api (9), desktop (9), configure (9), v17 (9), reference (8), even (8), running (8), start (8), code (8), started (8), support (8), troubleshoot (8), extension (8), model (7), default (7), just (7), means (7), set (7), new (7), server (7), get (7), deploy (7), feedback (7), variables (7), v18 (7), signature (6), verification (6), groups (6), profiles (6), secure (6), feature (6), add (6), system (6), non (6), users (6), not (6), tools (6), need (6), many (6), examples (6), best (6), within (6), ssh (6), local (6), data (6), setup (6), registry (6), migrate (6), logs (6), quickstart (6), plugin (6), bake (6), drivers (6), attack (5), apparmor (5), trusted (5), another (5), provide (5), those (5), only (5), one (5), key (5), through (5), some (5), nodes (5), should (5), services (5), its (5), platform (5), socket (5), share (5), between (5), multi (5), metrics (5), networking (5), open (5), hardened (5), account (5), subscription (5), practices (5), extensions (5), github (5), environment (5), builds (5), attestations (5), gordon (5), plugins (5), surface (4), but (4), without (4), policies (4), using (4), templates (4), checks (4), doesn (4), systems (4), there (4), than (4), less (4), isolation (4), instead (4), deny (4), filesystem (4), device (4), privileges (4), meaning (4), log (4), such (4), rest (4), resource (4), each (4), design (4), architecture (4), store (4), change (4), billing (4), deprecated (4), integration (4), guides (4), marketplace (4), integrations (4), tos (4), install (4), repository (4), concepts (4), customize (4), migration (4), overview (4), agent (4), mcp (4), secrets (4), exporters (4), remote (4), thread (4), related (3), conclusions (3), contents (3), make (3), safety (3), selinux (3), grsec (3), hardening (3), command (3), directly (3), allows (3), outside (3), help (3), available (3), including (3), works (3), time (3), while (3), different (3), possible (3), existing (3), well (3), enable (3), configured (3), repositories (3), json (3), capability (3), except (3), their (3), mounts (3), either (3), web (3), see (3), much (3), files (3), therefore (3), has (3), course (3), process (3), single (3), unix (3), first (3), limiting (3), over (3), have (3), endpoint (3), tcp (3), connections (3), certificates (3), machine (3), permission (3), provision (3), cannot (3), directory (3), similar (3), sharing (3), applications (3), was (3), public (3), private (3), resources (3), namespace (3), interfaces (3), interact (3), view (3), bridge (3), claude (3), docs (3), copy (3), manuals (3), advanced (3), custom (3), roles (3), core (3), sign (3), general (3), insights (3), products (3), authentication (3), accounts (3), cloud (3), continuous (3), sdk (3), binaries (3), kubernetes (3), publish (3), labels (3), source (3), actions (3), azure (3), amazon (3), registries (3), policy (3), explore (3), optimize (3), export (3), push (3), software (3), tags (3), search (3), hub (3), give (3), windows (3), mac (3), beta (3), gpu (3), debian (3), ubuntu (3), chart (3), experimental (3), dmr (3), troubleshooting (3), toolkit (3), building (3), multiple (3), introduction (3), dockerfile (3), buildkit (3), functions (3), contexts (3), rights (2), status (2), llms (2), full (2), txt (2), about (2), table (2), request (2), page (2), overlay (2), seccomp (2), ways (2), requests (2), pull (2), extra (2), quite (2), privileged (2), additional (2), implementation (2), post (2), facility (2), enabled (2), third (2), party (2), harden (2), itself (2), own (2), favorite (2), comes (2), box (2), instance (2), both (2), specific (2), since (2), apply (2), wide (2), kernels (2), known (2), enforcing (2), signed (2), built (2), into (2), binary (2), dockerd (2), addition (2), removal (2), profile (2), may (2), explicitly (2), given (2), used (2), affect (2), malicious (2), allowlist (2), needed (2), escalate (2), loading (2), operations (2), immutable (2), sockets (2), packet (2), most (2), cases (2), real (2), separation (2), never (2), commands (2), specifically (2), firewall (2), daemons (2), typically (2), splunk (2), necessary (2), app (2), cron (2), servers (2), almost (2), infrastructure (2), around (2), fine (2), bind (2), port (2), areas (2), where (2), restricted (2), what (2), recommended (2), move (2), admin (2), disk (2), now (2), platforms (2), being (2), effort (2), privilege (2), causing (2), tls (2), sock (2), http (2), aware (2), limit (2), hosts (2), early (2), startup (2), ensure (2), attacks (2), then (2), allowed (2), virtual (2), important (2), details (2), rootless (2), been (2), initially (2), merged (2), play (2), gets (2), mature (2), production (2), openvz (2), version (2), stack (2), specify (2), common (2), links (2), markdown (2), organization (2), tokens (2), permissions (2), enforce (2), mapping (2), providers (2), domains (2), installer (2), deactivate (2), enterprise (2), scale (2), two (2), history (2), update (2), lifecycle (2), testcontainers (2), backend (2), dashboard (2), test (2), developer (2), metadata (2), arch (2), part (2), environments (2), quality (2), evaluate (2), collection (2), artifact (2), types (2), sboms (2), exception (2), vex (2), delete (2), program (2), options (2), automated (2), mirror (2), library (2), builder (2), uninstall (2), releases (2), restore (2), wsl (2), containerd (2), volumes (2), rhel (2), fedora (2), requirements (2), slsa (2), provenance (2), select (2), verify (2), node (2), testing (2), models (2), engines (2), runner (2), agents (2), sandboxes (2), catalog (2), oci (2), legacy (2), opentelemetry (2), debugging (2), annotations (2), validation (2), workflow (2), targets (2), builders (2), v26 (2), protect (2), work (2), format (2), output (2), proxy (2), answers (2), documentation (2), questions (2), helpful (2), assistant (2), copyright, 2013, 2026, inc, reserved, legal, terms, cookies, pricing, product, offerings, changes, edit, 2014, think, welcome, comments, community, forums, layer, enabling, appropriate, especially, inside, refer, line, found, blog, supported, mapped, uid, which, mitigate, risks, breakout, augment, special, topologies, shared, filesystems, exist, modify, define, mechanism, distribution, them, out, ship, template, red, hat, these, net, though, overlaps, greatly, pax, adds, compile, defeats, exploits, thanks, techniques, address, randomization, require, independent, currently, enables, interfere, here, few, provided, modern, leverage, tomoyo, etc, configuring, provides, insight, administrators, previously, performing, trustpinning, whereby, specified, pulled, supports, allowing, practice, would, remove, required, primary, risk, incomplete, independently, combination, vulnerabilities, regular, apps, reduces, vectors, considerably, drops, denylist, approach, list, manpages, intruder, manages, harder, serious, damage, module, creating, changing, owner, altering, attributes, flag, raw, prevent, spoofing, mount, reduced, happens, concerns, perform, engineered, behave, router, route, ifconfig, hardware, irrelevant, equivalent, udevd, handed, loggly, dedicated, tailored, needs, scheduling, rather, managed, typical, several, modules, because, tasks, handled, turn, dichotomy, grained, below, 1024, granted, usually, lot, net_bind_service, starts, does, mean, finally, exclusively, controlled, keep, probably, least, monitoring, supervision, nrpe, collectd, potentially, vulnerable, inputs, extracted, chrooted, subprocess, step, wider, toward, stored, accessed, cryptographic, checksums, possibility, attacker, collision, load, prefer, path, var, docker_host, expose, decide, however, above, mentioned, implications, note, accesses, still, accessible, easily, result, escalation, endpoints, exposing, permitted, causes, fail, reachable, vpn, unauthenticated, https, mandatory, reason, communicate, changed, uses, bound, 127, latter, prone, cross, site, forgery, happen, traditional, strong, implication, example, instrument, careful, usual, parameter, checking, sure, pass, crafted, parameters, arbitrary, direct, consequence, powerful, guest, alter, any, restriction, virtualization, allow, nothing, prevents, block, implies, requires, unless, opt, 2006, role, preventing, accessing, affecting, essential, fend, off, denial, particularly, tenant, paas, guarantee, consistent, uptime, performance, misbehave, component, implement, accounting, useful, fair, memory, cpu, importantly, bring, down, exhausting, providing, were, introduced, july, 2008, date, exercised, scrutinized, large, number, inspiration, older, actually, reimplement, way, could, mainstream, released, 2005, pretty, accordingly, respective, external, ports, traffic, ping, send, receive, udp, packets, establish, point, sitting, physical, machines, connected, ethernet, switch, straightforward, form, very, lxc, behind, scenes, creates, loopholes, customized, intrinsic, cgroups, four, major, consider, reviewing, ask, home, air, gapped, reporting, console, limitations, eci, enhanced, auto, group, scim, identity, enforcement, microsoft, dev, jamf, pro, intune, pkg, msi, activity, owners, organizations, company, teams, members, convert, onboard, administration, license, agreement, seats, compare, announcements, recover, factor, personal, submit, tax, exemption, certificate, cycle, invoices, payment, method, navigation, apis, debug, invoke, interacting, mui, principles, guidelines, styling, package, validate, frontend, simple, slack, team, collaboration, sysdig, generic, integrating, jenkins, gitlab, circle, devops, pipelines, artifactory, ecr, sonarqube, remediation, compliance, health, scores, evaluation, advisory, database, sources, matching, deep, dive, gui, vulnerability, exceptions, exporter, analysis, pulls, limits, archive, analytics, sponsored, verified, publisher, official, autobuilds, tests, link, webhooks, bulk, artifacts, catalogs, optimization, offload, macos, damaged, dialog, issues, topics, diagnose, backup, maintenance, manager, wasm, workloads, synchronized, shares, usb, pause, saver, vdi, stig, ssdlc, supply, chain, immutability, digests, glibc, musl, fips, distroless, cves, signing, cis, benchmark, dhi, scan, packages, helm, python, wolfi, alpine, assisted, checklist, malware, scanning, responsibility, scanner, privacy, inference, webui, ide, tool, faq, workspace, credentials, defaults, layers, kits, shell, opencode, kiro, gemini, droid, cursor, copilot, codex, e2b, gateway, dynamic, discovery, evals, rag, toolsets, acp, a2a, coding, provider, include, extend, merge, watch, dependent, interpolation, pre, defined, precedence, order, hooks, project, name, standalone, development, why, syntax, buildkitd, toml, tar, definitions, sbom, attestation, input, git, validating, description, before, jobs, reproducible, named, summary, inline, blob, backends, garbage, invalidation, definition, overriding, configurations, standard, matrix, expressions, inheritance, base, interface, cdi, stage, context, prior, v19, v20, v23, v24, v25, v27, v28, v29, config, volume, authorization, routing, mesh, configs, raft, consensus, networks, sensitive, lock, encryption, join, task, states, pki, drain, rolling, updates, inspect, getting, administer, maintain, client, isolate, events, sandbox, keys, notary, delegations, automation, antivirus, tips, syslog, journald, graylog, extended, google, fluentd, etw, cloudwatch, prune, unused, objects, object, read, collect, prometheus, alternative, runtimes, live, ipv6, filter, completion, runtime, constraints, automatically, none, macvlan, ipvlan, publishing, filtering, firewalls, nftables, iptables, zfs, windowsfilter, vfs, overlayfs, mapper, btrfs, tmpfs, installation, steps, centos, raspberry, bit, armhf, back, generated, based, considers, current, viewing, relevant, reached, maximum, per, better, answer, remaining, org, try, asking, chat,
Text of the page (random words):
tings backup and restore data troubleshoot and support troubleshoot and diagnose common topics known issues macos app damaged dialog faqs general mac windows linux releases give feedback uninstall release notes docker offload quickstart about configure usage optimize usage troubleshoot give feedback docker build cloud setup usage continuous integration optimization builder settings release notes docker hub quickstart library search trusted content catalogs mirror repositories create manage repository information access images tags immutable tags image management software artifacts push images move images bulk migrate images image security insights webhooks automated builds deprecated set up link accounts automated repository tests advanced options migrate manage autobuilds troubleshoot trusted content docker official images docker verified publisher program docker sponsored open source program insights and analytics export repositories archive delete settings usage and limits pulls optimize usage troubleshoot release notes docker scout install quickstart explore dashboard docker scout image analysis docker scout metrics exporter image details view manage vulnerability exceptions how tos create an exception using the gui create an exception using the vex docker scout environment variables docker scout sboms use scout with different artifact types deep dive advisory database sources and matching service data collection and storage in docker scout policy evaluation configure policies docker scout health scores evaluate policy compliance in ci remediation with docker scout view docker scout policy status integrations code quality sonarqube container registries amazon ecr artifactory container registry azure container registry continuous integration azure devops pipelines circle ci github actions gitlab ci cd jenkins integrating docker scout with environments generic cli sysdig source code management github team collaboration slack release notes cli release notes platform release notes docker extensions marketplace extensions non marketplace extensions configure a private marketplace settings and feedback extensions sdk the build and publish process quickstart part one build create a simple extension create an advanced frontend extension add a backend to your extension part two publish add labels validate package and release your extension share your extension publish in the marketplace build multi arch extensions architecture metadata security design and ui styling guidelines docker design principles mui best practices developer guides authentication interacting with kubernetes invoke host binaries use the docker socket developer sdk tools test and debug continuous integration ci cli reference extension apis dashboard docker extension backend extension ui api navigation testcontainers cloud deprecated products and features release lifecycle platform support billing add or update a payment method manage your billing information 3d secure authentication invoices and billing history change your billing cycle submit a tax exemption certificate faqs docker accounts accounts create an account manage an account deactivate an account security personal access tokens two factor authentication recover your docker account faqs general container network and vm security announcements subscription compare subscription set up your subscription scale your subscription manage seats change your subscription docker desktop license agreement faqs release notes enterprise administration organization setup create onboard change information convert account manage members teams docker products deactivate faqs company create manage organizations owners users faqs activity logs insights deploy docker desktop msi installer pkg installer ms store deploy with intune deploy with jamf pro microsoft dev box faqs security add and manage domains single sign on setup manage connections troubleshoot faqs general domains enforcement identity providers user management provision scim setup group mapping migrate just in time auto provision troubleshoot enforce sign in configure roles and permissions core roles custom roles hardened docker desktop enhanced container isolation enable eci configure advanced settings limitations faqs settings management use a json file use the admin console desktop settings reporting settings reference air gapped containers registry access management image access management namespace access organization access tokens home manuals docker engine security docker engine security copy as markdown open markdown ask docs ai claude open in claude table of contents kernel namespaces control groups docker daemon attack surface linux kernel capabilities docker content trust signature verification other kernel security features conclusions related information there are four major areas to consider when reviewing docker security the intrinsic security of the kernel and its support for namespaces and cgroups the attack surface of the docker daemon itself loopholes in the container configuration profile either by default or when customized by users the hardening security features of the kernel and how they interact with containers kernel namespaces docker containers are very similar to lxc containers and they have similar security features when you start a container with docker run behind the scenes docker creates a set of namespaces and control groups for the container namespaces provide the first and most straightforward form of isolation processes running within a container cannot see and even less affect processes running in another container or in the host system each container also gets its own network stack meaning that a container doesn t get privileged access to the sockets or interfaces of another container of course if the host system is setup accordingly containers can interact with each other through their respective network interfaces just like they can interact with external hosts when you specify public ports for your containers or use links then ip traffic is allowed between containers they can ping each other send receive udp packets and establish tcp connections but that can be restricted if necessary from a network architecture point of view all containers on a given docker host are sitting on bridge interfaces this means that they are just like physical machines connected through a common ethernet switch no more no less how mature is the code providing kernel namespaces and private networking kernel namespaces were introduced between kernel version 2 6 15 and 2 6 26 this means that since july 2008 date of the 2 6 26 release namespace code has been exercised and scrutinized on a large number of production systems and there is more the design and inspiration for the namespaces code are even older namespaces are actually an effort to reimplement the features of openvz in such a way that they could be merged within the mainstream kernel and openvz was initially released in 2005 so both the design and the implementation are pretty mature control groups control groups are another key component of linux containers they implement resource accounting and limiting they provide many useful metrics but they also help ensure that each container gets its fair share of memory cpu disk i o and more importantly that a single container cannot bring the system down by exhausting one of those resources so while they do not play a role in preventing one container from accessing or affecting the data and processes of another container they are essential to fend off some denial of service attacks they are particularly important on multi tenant platforms like public and private paas to guarantee a consistent uptime and performance even when some applications start to misbehave control groups have been around for a while as well the code was started in 2006 and initially merged in kernel 2 6 24 docker daemon attack surface running containers and applications with docker implies running the docker daemon this daemon requires root privileges unless you opt in to rootless mode and you should therefore be aware of some important details first of all only trusted users should be allowed to control your docker daemon this is a direct consequence of some powerful docker features specifically docker allows you to share a directory between the docker host and a guest container and it allows you to do so without limiting the access rights of the container this means that you can start a container where the host directory is the directory on your host and the container can alter your host filesystem without any restriction this is similar to how virtualization systems allow filesystem resource sharing nothing prevents you from sharing your root filesystem or even your root block device with a virtual machine this has a strong security implication for example if you instrument docker from a web server to provision containers through an api you should be even more careful than usual with parameter checking to make sure that a malicious user cannot pass crafted parameters causing docker to create arbitrary containers for this reason the rest api endpoint used by the docker cli to communicate with the docker daemon changed in docker 0 5 2 and now uses a unix socket instead of a tcp socket bound on 127 0 0 1 the latter being prone to cross site request forgery attacks if you happen to run docker directly on your local machine outside of a vm you can then use traditional unix permission checks to limit access to the control socket you can also expose the rest api over http if you explicitly decide to do so however if you do that be aware of the above mentioned security implications note that even if you have a firewall to limit accesses to the rest api endpoint from other hosts in the network the endpoint can be still accessible from containers and it can easily result in the privilege escalation therefore it is mandatory to secure api endpoints with https and certificates exposing the daemon api over http without tls is not permitted and such a configuration causes the daemon to fail early on startup see unauthenticated tcp connections it is also recommended to ensure that it is reachable only from a trusted network or vpn you can also use docker_host ssh user host or ssh l path to docker sock var run docker sock instead if you prefer ssh over tls the daemon is also potentially vulnerable to other inputs such as image loading from either disk with docker load or from the network with docker pull as of docker 1 3 2 images are now extracted in a chrooted subprocess on linux unix platforms being the first step in a wider effort toward privilege separation as of docker 1 10 0 all images are stored and accessed by the cryptographic checksums of their contents limiting the possibility of an attacker causing a collision with an existing image finally if you run docker on a server it is recommended to run exclusively docker on the server and move all other services within containers controlled by docker of course it is fine to keep your favorite admin tools probably at least an ssh server as well as existing monitoring supervision processes such as nrpe and collectd linux kernel capabilities by default docker starts containers with a restricted set of capabilities what does that mean capabilities turn the binary root non root dichotomy into a fine grained access control system processes like web servers that just need to bind on a port below 1024 do not need to run as root they can just be granted the net_bind_service capability instead and there are many other capabilities for almost all the specific areas where root privileges are usually needed this means a lot for container security typical servers run several processes as root including the ssh daemon cron daemon logging daemons kernel modules network configuration tools and more a container is different because almost all of those tasks are handled by the infrastructure around the container ssh access are typically managed by a single server running on the docker host cron when necessary should run as a user process dedicated and tailored for the app that needs its scheduling service rather than as a platform wide facility log management is also typically handed to docker or to third party services like loggly or splunk hardware management is irrelevant meaning that you never need to run udevd or equivalent daemons within containers network management happens outside of the containers enforcing separation of concerns as much as possible meaning that a container should never need to perform ifconfig route or ip commands except when a container is specifically engineered to behave like a router or firewall of course this means that in most cases containers do not need real root privileges at all and therefore containers can run with a reduced capability set meaning that root within a container has much less privileges than the real root for instance it is possible to deny all mount operations deny access to raw sockets to prevent packet spoofing deny access to some filesystem operations like creating new device nodes changing the owner of files or altering attributes including the immutable flag deny module loading this means that even if an intruder manages to escalate to root within a container it is much harder to do serious damage or to escalate to the host this doesn t affect regular web apps but reduces the vectors of attack by malicious users considerably by default docker drops all capabilities except those needed an allowlist instead of a denylist approach you can see a full list of available capabilities in linux manpages one primary risk with running docker containers is that the default set of capabilities and mounts given to a container may provide incomplete isolation either independently or when used in combination with kernel vulnerabilities docker supports the addition and removal of capabilities allowing use of a non default profile this may make docker more secure through capability removal or less secure through the addition of capabilities the best practice for users would be to remove all capabilities except those explicitly required for their processes docker content trust signature verification docker engine can be configured to only run signed images the docker content trust signature verification feature is built directly into the dockerd binary this is configured in the dockerd configuration file to enable this feature trustpinning can be configured in daemon json whereby only repositories signed with a user specified root key can be pulled and run this feature provides more insight to administrators than previously available with the cli for enforcing and performing image signature verification for more information on configuring docker content trust signature verification go to content trust in docker other kernel security features capabilities are just one of the many security feature...
|
