Reputation: 2378
Securing docker containers
First of all let me say that I'm starting with docker and I haven't tried yet, in order to do that I would like to know if there is a way where I can prevent users from seeing docker containers file system (I presume the containers FS is located on plain files under the host like it happens in openvz containers, I'm wrong?), I would like to prevent certain users to see the containers file system and running docker commands on certain containers, is this possible? Can this be done using AppArmor or similar software?
Upvotes: 0
Views: 354
Answers (1)
Reputation: 27226
First of all, see Where are Docker images stored on the host machine?
Without sudo, I get the following
[user@host] cd /var/lib/docker/graph/
-bash: cd: /var/lib/docker/graph/: Permission denied
Does that answer your question? Otherwise you might want to elaborate on your setup and what the users are user of, etc. But then your probably better off with experimenting a bit on your own before :)
Upvotes: 1
Related Questions
- How to encrypt docker containers securely?
- Running docker securely
- Security of a Docker image
- Protect data in docker container
- Using multiple docker containers on the same host securely like isolated instances
- How to isolate docker containers from other users
- How to mitigate privilege escalation in Docker Containers to secure the host FS
- Docker Security issue around ENTRYPOINT
- Restricting access to a Docker container
- What makes docker secure?