One thing that always surprises me is that people haven't made more of a fuss about Docker for Mac. By default on install it shares the whole hard disk (unless that's changed), meaning without sudo you can get privileged access to the whole filesystem. I scope it down to my user folder, but the defaults are dangerous.
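A way to check a machine for the over-broad sharing this post describes, as an added example that is not from any post in this thread: it audits `docker inspect` output (the JSON below is constructed, but the key names are the real ones) and flags containers that are privileged, add capabilities, or bind-mount the host root, a top-level directory, or the Docker socket.

```python
import json
import os

# Constructed `docker inspect` output (not captured from any real host): one
# container bind-mounts the host root read-write, the other is scoped to a
# project directory and mounted read-only.
SAMPLE_INSPECT = json.dumps([
    {
        "Name": "/build-agent",
        "HostConfig": {"Privileged": False, "CapAdd": None},
        "Mounts": [{"Type": "bind", "Source": "/", "Destination": "/host", "RW": True}],
    },
    {
        "Name": "/scoped",
        "HostConfig": {"Privileged": False, "CapAdd": None},
        "Mounts": [{"Type": "bind", "Source": "/Users/dev/project",
                    "Destination": "/work", "RW": False}],
    },
])

# Host paths that hand a container far more than one project's files.
SENSITIVE_PATHS = {"/var/run/docker.sock", "/etc", "/root"}
MAX_SHARED_DEPTH = 1  # "/" and "/Users" are too broad; "/Users/dev/project" is not


def is_broad_mount(source: str) -> bool:
    """True when a bind-mount source is the host root, a top-level directory,
    or a path that grants control over the host (e.g. the Docker socket)."""
    path = os.path.normpath(source)
    if path in SENSITIVE_PATHS:
        return True
    depth = len([p for p in path.split("/") if p])
    return depth <= MAX_SHARED_DEPTH


def audit(inspect_json: str) -> dict:
    """Return {container name: [finding, ...]} for every container whose
    configuration removes the isolation a default Docker daemon provides."""
    findings = {}
    for c in json.loads(inspect_json):
        issues = []
        hc = c.get("HostConfig", {})
        if hc.get("Privileged"):
            issues.append("privileged")
        for cap in hc.get("CapAdd") or []:
            issues.append(f"cap_add:{cap}")
        for m in c.get("Mounts", []):
            if m.get("Type") == "bind" and is_broad_mount(m["Source"]):
                issues.append(f"broad_bind:{m['Source']}:{'rw' if m.get('RW') else 'ro'}")
        if issues:
            findings[c["Name"]] = issues
    return findings
```

On a real machine, feed it `docker inspect $(docker ps -q)` instead of the constructed sample.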
Do you also think running any regular software is "dangerous"? Because that gets to access your disk as well. Docker is not for security isolation, it is for distributing apps so they'll even run on your mac.
While your point about Docker’s primary purpose is valid, containerization is commonly used for security isolation as well. With proper configuration, it can be very useful towards this end.
Can you suggest any preferred alternative methods of isolation that offer similar efficacy and ease of use for quickly running complete software systems made by an unknown/untrusted actor?
> With proper configuration, it can be very useful towards this end.
It can. I think it's fair to assume that the standard developer setup to let them be productive is not this proper configuration.
> Can you suggest any preferred alternative methods of isolation that offer similar efficacy and ease of use for quickly running complete software systems made by an unknown/untrusted actor?
No. It's a hard problem! If it was easily solved we wouldn't be seeing all this development surrounding e.g. WebAssembly.
Docker has had security and isolation features since it was competing with LXC on who glued cgroups and namespaces together better — and discussed in those terms the whole time.
While I agree that Docker as written isn’t good at security, your post has big “they’re holding the iPhone wrong!” vibes — and seemingly ignores the historic reasons that people would think it provides security.
> your post has big “they’re holding the iPhone wrong!” vibes
More like "it just isn't meant to be used for that". At least not in the default configuration, and that's fine!
> seemingly ignores the historic reasons that people would think it provides security
I've been using docker since it was announced. People have always been very clear that docker is not a security boundary, at least not with its default configuration.
I think your point is valid. Docker was indeed all about developer productivity in the beginning and it's up to the infrastructure operator to lock it down.