On 6/21/2015 10:38 PM, Tom Metro wrote:
The Docker daemon runs as root. If the non-privileged user starting FF
is put in the docker group and allowed to start any container, then yes,
they have root. If instead a SetUID script or sudo rule is used to
launch a specific container, which does not launch a root shell, then
the resulting container and FF process won't have root privileges.
Docker requires root to initialize containers. It's how Docker was
designed. It's a known design flaw and the Docker folks have gone on
record stating that they don't intend to fix it. So, if you're going to
let me start Docker containers then I will be able to elevate myself to
root on the host. The only way to stop me is not to let me start Docker
containers at all.
Docker does not work "perfectly well" in the first place in my experience.
That may very well be your experience. But some of us use it daily and
find that it does the intended job.
FSVO "intended". My experience is that developers have been using Docker
to rationalize piss-poor deployment practices. It doesn't matter to them
if their run time environments are utter hell for users to recreate,
just put it all in a container and copy the hell everywhere.
One most egregious example that I've had to deal with, a project called
ShareLaTeX, their environments are so bad that their containers are the
only supported way of deploying. So bad that their containers don't work
outside of their own environments.
--
Rich P.
_______________________________________________
Discuss mailing list
[email protected]
http://lists.blu.org/mailman/listinfo/discuss
