Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security: Authentication model #8

Closed
metalivedev opened this issue Feb 1, 2013 · 2 comments
Closed

Security: Authentication model #8

metalivedev opened this issue Feb 1, 2013 · 2 comments

Comments

@metalivedev
Copy link
Contributor

If you can manipulate docker from inside docker, what is the authentication model?
How do I keep other containers from messing with me, cloning me, starting me, stopping me?
Or how do I give them permission to do so?
@shykes
Copy link
Contributor

shykes commented Feb 1, 2013

On Thu, Jan 31, 2013 at 5:56 PM, Andy Rothfusz notifications@github.comwrote:

If you can manipulate docker from inside docker, what is the
authentication model?
How do I keep other containers from messing with me, cloning me, starting
me, stopping me?
Or how do I give them permission to do so?

When we offer an introspection API, it will have to be scoped. That can be
done by source IP for example, since Docker controls the networking
topology and addressing for all containers.

Optionally, containers could have a "privileged" flag which allows them to
mess with other containers. This would be a great way to extend the
capabilities of Docker while staying in "userland".

@shykes
Copy link
Contributor

shykes commented Feb 25, 2013

Closing the issue, feel free to continue the conversation on the mailing list.

@shykes shykes closed this as completed Feb 25, 2013
crosbymichael referenced this issue in crosbymichael/docker Nov 8, 2013
Merge pull request #8 from crosbymichael/improve-aufs-detection
9afe475 
aufs: Improve aufs detection by looking at proc fs
@chrisruffalo chrisruffalo mentioned this issue Feb 12, 2014
Closed
crosbymichael added a commit that referenced this issue Feb 19, 2014
@crosbymichael
Merge pull request #8 from creack/implement_create_veth
9fd44cb 
Simplify code + Allow more generic attr children + remove prefix
dmcgowan referenced this issue in dmcgowan/docker Sep 18, 2014
@vbatts
Merge pull request #8 from dmcgowan/wip_provenance
7b011b2 
Update pull to use manifest data from registry
psftw pushed a commit to psftw/docker that referenced this issue Oct 24, 2014
@bfirsh
Merge pull request moby#8 from MSOpenTech/host-management
c5edfcf 
Fix azure sdk import in azure host driver.
squaremo pushed a commit to squaremo/docker that referenced this issue Apr 14, 2015
@tomwilkie
Merge pull request moby#8 from tomwilkie/network_extensions_dev_2
ef48128 
Fix label marshalling; improve test script
progrium pushed a commit to progrium/docker that referenced this issue May 9, 2015
@calavera
Merge pull request moby#8 from progrium/handler_mutex
d7a3d76 
Adding mutex to extpointHandlers
@setu1421 setu1421 mentioned this issue Nov 17, 2015
Closed
cherrry pushed a commit to cherrry/docker that referenced this issue Feb 11, 2016
@crawford
Merge pull request moby#8 from crawford/selinux
37fb0ab 
Revert "selinux/overlay incompatible err"
@Snorch Snorch mentioned this issue Oct 21, 2016
Closed
@buildreactive buildreactive mentioned this issue Nov 16, 2016
Closed
@zhangyongsu zhangyongsu mentioned this issue Jan 8, 2017
Closed
@al-sabr al-sabr mentioned this issue May 22, 2017
Closed
@adaiguoguo adaiguoguo mentioned this issue Sep 1, 2017
Closed
@dazinator dazinator mentioned this issue Aug 18, 2021
Open
thaJeztah pushed a commit to thaJeztah/docker that referenced this issue Jul 8, 2022
@ndeloof
Merge pull request moby#8 from ndeloof/image_inspect
04baf48
thaJeztah added a commit that referenced this issue Oct 18, 2022
@thaJeztah
Merge pull request #8 from moby/20.10_fix_git_file_leak
d7c33ad 
[20.10 backport] builder: Isolate Git from local system
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@shykes @metalivedev