[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Security implications of "runAsUser: type: RunAsAny"




On Tue, Oct 27, 2015 at 5:44 PM, Clayton Coleman <ccoleman redhat com> wrote:
Some of this will be improved once user namespaces land in Docker, but
until then being able to run as uid 0 (root) inside a container is
basically giving your users access to run as root on the host machine.

Was this supposed to land in the last 1.9?
I must say, these restrictions are a real pain when it comes to docker images like nginx...

Thanks

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]