Docker Security

Creating file /root/secrets.txt

./create_file.sh

User namespace:

$ sudo vim /etc/docker/daemon.json
{
  "userns-remap": "default"
}
$ sudo systemctl restart docker.service
$ sudo id dockremap
$ sudo cat /etc/subuid
$ sudo cat /etc/subgid

$ docker run --rm -v /root/secrets.txt:/tmp/secrets.txt alpine cat /tmp/secrets.txt

More info https://docs.docker.com/engine/security/userns-remap/

Docker Rootless: It's another good option, but it has some limitations https://docs.docker.com/engine/security/rootless/

TODO:

AppArmor
Seccomp
SELinux
Open Policy Agent

Name		Name	Last commit message	Last commit date
Latest commit History 22 Commits
1-insecure		1-insecure
10-rootless-mode		10-rootless-mode
11-cosign		11-cosign
12-remap		12-remap
2-run-with-user		2-run-with-user
3-run-as-user		3-run-as-user
4-run-nginx		4-run-nginx
5-change-user-id		5-change-user-id
6-priveleged		6-priveleged
7-capabilities		7-capabilities
8-content-trust		8-content-trust
9-docker-tls		9-docker-tls
LICENSE		LICENSE
README.md		README.md
create_file.sh		create_file.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Docker Security

About

Releases

Packages

Languages

License

mario21ic/docker-security

Folders and files

Latest commit

History

Repository files navigation

Docker Security

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages