Widespread adoption of Docker both within desktop and server environments has significantly widen the attack surface of companies’ IT infrastructures. While the concept of containerization has been around for a longer while thanks to e.g. LXC or FreeBSD’s Jails, it is Docker which gained the most popularity, mainly due to its lower entry threshold. However, without knowing the underlying technology, it is easy to become a victim of insecure Docker configuration. Here I will describe some of the most common pitfalls of this environment.
Note: the following OS references and examples will refer to Linux-based hosts.