Bug#979546: docker.io: version in Bullseye does not support "rootless mode", makes privilege escalation trivial

2021-01-08 Thread El boulangero
On Sat, Jan 9, 2021 at 2:00 AM Chris Mitchell wrote:
> On Fri, 8 Jan 2021 11:38:59 +0700
> El boulangero wrote:
>
> > Hi Chris,
> >
> > I believe what you refer to is a well-known issue with docker. I have
> > this reference from Apr. 2015:
> >

Bug#979546: docker.io: version in Bullseye does not support "rootless mode", makes privilege escalation trivial

2021-01-08 Thread Chris Mitchell
On Fri, 8 Jan 2021 11:38:59 +0700 El boulangero wrote:
> Hi Chris,
>
> I believe what you refer to is a well-known issue with docker. I have
> this reference from Apr. 2015:
> https://fosterelli.co/privilege-escalation-via-docker.html
>
> This is how docker works. The easiest mitigation is

Bug#979546: docker.io: version in Bullseye does not support "rootless mode", makes privilege escalation trivial

2021-01-07 Thread El boulangero
Hi Chris,

I believe what you refer to is a well-known issue with docker. I have this reference from Apr. 2015:
https://fosterelli.co/privilege-escalation-via-docker.html

This is how docker works. The easiest mitigation is NOT to add a user to the docker group. This way, you will always invoke

Bug#979546: docker.io: version in Bullseye does not support "rootless mode", makes privilege escalation trivial

2021-01-07 Thread Shengjing Zhu
Control: retitle -1 docker.io: version in Buster does not support "rootless mode"
Control: fixed -1 20.10.0~rc1+dfsg2-1
Control: severity -1 wishlist

On Fri, Jan 8, 2021 at 11:55 AM Chris wrote:
>
> Package: docker.io
> Version: 18.09.1+dfsg1-7.1+deb10u2
> Severity: critical
> Tags: security
>

Bug#979546: docker.io: version in Bullseye does not support "rootless mode", makes privilege escalation trivial

2021-01-07 Thread Chris
Package: docker.io
Version: 18.09.1+dfsg1-7.1+deb10u2
Severity: critical
Tags: security
Justification: root security hole

Dear Maintainer,

Unless I'm missing something, any program running in a Docker container using the Docker version currently available in Debian stable has a