Does the word “container” intimate containment, suggesting that containers are inherently secure? If it does, any such assumption of security may be the broadest Docker vulnerability to date.
“One of the biggest threats I see with Docker is its positioning and the implied security in the language. The reality is that these containers don’t contain anything,” says Aaron Cois, Researcher, CERT Division, Software Engineering Institute, Carnegie Mellon University. Yet, that is the implication.
Just as those who thought Linux or VMs were secure enough on their own were mistaken, so those who believe that containers put a lid on security will be sorely disappointed. Today, Linux environments require network, OS / host security, Internet security, and web application security measures similar to those used with other platforms. Tools like security auditing / PEN testing, firewalls / WAFs, anvi-virus and anti-malware tools, DLP, IDS/IPS, remediation tools, and really the gamut of security measures similar to what Microsoft environments require are increasingly needed to defend data in Linux environments. “Likewise, operations can give developers tools to log into the VSphere console to create and change VMs while limiting their privileges,” says Cois.
And so, containers also require appropriate security measures. “Developers and non-admin operations staff don’t need to log into the host command line to work, and no one in security wants them to,” says Cois. But today’s Docker workflow not only permits but requires it.
The Root of the Problem…
Nice article, there is a lot of hype both about Docker and about the security implications. Anything with this much hype will have its detractors. One thing I took issue with is that by your logic, you could say that passwords aren’t a sufficient method of controlling access, because social engineering could be used to retrieve a user’s credentials. I would think it is common sense that an organization would roll their own Docker images in production, not pull from the Docker Hub. I am looking into it for my business, and I plan to create our own local repository for images, never use the hub, not even for development. I am already rolling my own, and it is as simple as tarring up a vanilla filesystem and piping it into docker import – .