Subj : Re: MysticBBS on NAS (NFS or iSCSI)
To   : esc
From : deon
Date : Wed Nov 09 2022 01:49 pm

  Re: Re: MysticBBS on NAS (NFS or iSCSI)
  By: esc to Bucko on Tue Nov 08 2022 06:18 pm

Howdy,

 > Docker isn't a panacea for security, just keep in mind that if your user is
 > part of the 'docker' group, it's possible to break out of the docker
 > container and do things as root.

I see and hear many people think "docker" = "not secure" - primarily because of the lack of understanding of this docker group.

For clarity:
https://docs.docker.com/engine/security

Is a must read for anybody concerned (or doesnt understand) docker security.

Like anything deployed on a publically network connected system, you should understand the security around what you are deploying before trusting it implicitly.

That said, I've been primarily using docker for many years now, on many systems, and I've never been compromised. In fact, I think the last time I was compromised (probably 10+ years ago now) I concluded that they got in via a vulnerability in SSH (that machine only had ssh and nginx on it).


....כמון
--- SBBSecho 3.15-Linux
 * Origin: I'm playing with ANSI+videotex - wanna play too? (21:2/116)

.