Phil
Reputation: 14641
What makes docker secure?
I am interested in understanding what makes docker containers secure.
Is it because one container is separated from another and processes do not have access to each other (basically, isolation)?
Or is it the way that a process gets running? (so different than just running a binary code?)
Thanks
Upvotes: 1
Views: 243
Answers (1)
jpetazzo
Reputation: 15501
This deserves an answer longer than suitable for Stack Overflow :-)
Some interesting reads would be:
- this blog post about Docker and LXC containers security, from august 2013, but still relevant;
- this presentation about LXC and security, from january 2014, more recent but also more terse since it's just a presentation.
TL,DR: processes are isolated, but you also have to take specific steps to lock down some features, otherwise processes can break out of containers. Depending on what you want to run, those steps will be very different.
Upvotes: 4
Related Questions
- Docker container - how non-root user secured?
- Docker, what is it and what is the purpose
- Why are Docker Secrets considered safe?
- Docker understanding
- Running docker securely
- Security of a Docker image
- What security concerns exist when running Docker?
- Securing docker containers
- How do you know that public Docker images are secure?