Docker Security: Vulnerabilities and Best Practices

A guide to following best practices while working with Docker

Docker offers tremendous benefits over traditional hypervisors. However, containers share most of their components, including the kernel, with the host. So, if proper security measures are not taken, the host system is at risk of being compromised, letting an attacker take control of it.

In this lesson, we will see some Docker vulnerabilities and best practices along with some security tips.

Risks

There are multiple risks associated with Docker containers and images.

Host machine access

Since containers use the host’s kernel as a shared kernel for running processes, a compromised container can exploit that kernel and attack the entire host system.

Container breakouts

If a user somehow manages to escape the container namespace, they will be able to interact with the other processes on the host and can stop or kill them.

Max resource utilization

If a container's resource usage is not restricted, it can consume all the resources of the host machine. This starves other services and forces them to halt.
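As an added example (not part of the original lesson), the following Python check reads container settings in the shape of `docker inspect` output and flags the conditions behind the risks above: missing memory, CPU or process limits, privileged mode, and a shared host PID namespace. The sample data is constructed, and the function names are assumptions made for this illustration.

```python
import json

# Constructed sample in the shape of `docker inspect <container>` output;
# only the fields this check reads are included.
SAMPLE_INSPECT = json.loads("""
[
  {"Name": "/web",
   "HostConfig": {"Memory": 536870912, "NanoCpus": 1000000000, "CpuQuota": 0,
                  "PidsLimit": 200, "Privileged": false, "PidMode": ""}},
  {"Name": "/batch",
   "HostConfig": {"Memory": 0, "NanoCpus": 0, "CpuQuota": 0,
                  "PidsLimit": null, "Privileged": true, "PidMode": "host"}}
]
""")


def audit_container(container):
    """Return the list of findings for one inspected container."""
    host = container.get("HostConfig") or {}
    findings = []
    # Memory == 0 means no memory limit was set (--memory).
    if not host.get("Memory"):
        findings.append("no memory limit")
    # CPU can be capped with --cpus (NanoCpus) or --cpu-quota (CpuQuota).
    if not host.get("NanoCpus") and (host.get("CpuQuota") or 0) <= 0:
        findings.append("no CPU limit")
    # PidsLimit of null, 0 or -1 means unlimited processes (--pids-limit).
    if (host.get("PidsLimit") or 0) <= 0:
        findings.append("no PID limit")
    # Privileged mode and the host PID namespace weaken isolation from the host.
    if host.get("Privileged"):
        findings.append("privileged mode")
    if host.get("PidMode") == "host":
        findings.append("host PID namespace")
    return findings


def audit(containers):
    """Map container name -> findings, skipping containers with none."""
    report = {}
    for c in containers:
        findings = audit_container(c)
        if findings:
            report[c.get("Name", "?").lstrip("/")] = findings
    return report


if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT).items():
        print(f"{name}: {', '.join(findings)}")
```

On a real host, the same functions can be fed the JSON produced by `docker inspect $(docker ps -q)` in place of the constructed sample.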

Attack using untrusted images

Docker allows us to run any image present on Docker Hub as well as locally built images. So, when an image from an untrusted source is run on the machine, the attacker’s malicious program may get access to the kernel or steal all the data present in the container and mounted volumes. ...