You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I noticed that in recent Docker versions (e.g. 20.10.6), when running a "classic" out-of-the-box Docker setup (i.e. with default settings, in overlay2 mode, without rootless or userns-remap mode, etc.), an unprivileged user (i.e. new user account with no sudo rights, not in the docker group, etc.) can navigate and read the contents of a running container's root filesystem, i.e. of the "/var/lib/docker/overlay2/[some hex id]/merged" directories. Here "[some hex id]" is a code generated by Docker, and can be obtained by simply listing the mounts with the "mount" command while the container is running.
As an illustration, here's how one can navigate to the contents of a container's root file system as an unprivileged user:
As some user who can run containers, launch any container, e.g.: docker run --rm -d alpine:3.13 sleep 999999
As an unprivileged user with no permissions related to Docker, run: ls $(mount | grep merged | cut -f3 -d" ")
You will see an output like bin dev etc home lib media mnt opt proc root run sbin srv sys tmp usr var, i.e. the listing of files in the container root filesystem.
As mentioned, this only works in recent Docker versions such as 20.10.6, and in fact, this seems to be the expected behaviour since commit 7f5e39b, which changes permissions from 0700 to 0701 for the folders on /var/lib/docker and thus allows any user to traverse those paths.
Additionally to browsing the container's files, those are also possible:
An unprivileged user can modify some running container's files, as long as its UID matches that of an user within the container.
An unprivileged user can run a malicious SUID binary, or exploit a vulnerable SUID binary, which is contained within a running container (or even a pulled image), even if the container never uses this SUID binary in a way that could trigger the issue.
I know there are more secure ways to run Docker than the out-of-the-box configuration, and I acknowledge that I'm not the most familiar person with Docker's security model, so maybe this issue is bogus or it's well-known that an unprivileged user can do this, but it is surprising regardless.
Steps to reproduce the issue:
As a proof of concept for this last case, I built a simple Ubuntu 20.04 container where I gave SUID permissions to "cat", and uploaded it to joanbm/test-suid, using this Dockerfile:
FROM ubuntu:20.04
RUN chmod u+s /usr/bin/cat
On an Ubuntu 20.04 host, as some user who can run containers, launch this container with a simple sleep command: docker run --rm -d joanbm/test-suid sleep 9999999
Than, as an unprivileged user with no permissions related to Docker, run: $(mount | grep merged | cut -f3 -d" ")/usr/bin/cat /etc/shadow
And it will print the content of /etc/shadow on the host, from the command run by the unprivileged user, which I believe should not normally happen. Note this could also easily be used to launch a root shell by giving SUID to the shell instead of cat.
Describe the results you received:
An unprivileged user with no extra permissions related to Docker can access, a running container's files, potentially modify them, and run SUID binaries.
Describe the results you expected:
The unprivileged user should have no access to the container's files.
DigitalOcean $5 Ubuntu 20.04 droplet. (It also reproduces on my bare metal Arch Linux install.)
The text was updated successfully, but these errors were encountered:
joanbm
changed the title
Recent Docker folder permissions change to 0701 - Unprivileged users access to container's files
Recent Docker folder permissions change to 0701 - Unprivileged users can read/write/exec container's files
May 24, 2021
BTW, if I understand the commit correctly, the idea is to give the remapped root user (in userns-remap mode) the right to traverse the folders under /var/lib/docker. If this is the case, shouldn't an ACL giving the traversal (x bit) only to the remapped root user suffice?
Description
I noticed that in recent Docker versions (e.g. 20.10.6), when running a "classic" out-of-the-box Docker setup (i.e. with default settings, in overlay2 mode, without rootless or userns-remap mode, etc.), an unprivileged user (i.e. new user account with no sudo rights, not in the docker group, etc.) can navigate and read the contents of a running container's root filesystem, i.e. of the "/var/lib/docker/overlay2/[some hex id]/merged" directories. Here "[some hex id]" is a code generated by Docker, and can be obtained by simply listing the mounts with the "mount" command while the container is running.
As an illustration, here's how one can navigate to the contents of a container's root file system as an unprivileged user:
docker run --rm -d alpine:3.13 sleep 999999
ls $(mount | grep merged | cut -f3 -d" ")
bin dev etc home lib media mnt opt proc root run sbin srv sys tmp usr var
, i.e. the listing of files in the container root filesystem.As mentioned, this only works in recent Docker versions such as 20.10.6, and in fact, this seems to be the expected behaviour since commit 7f5e39b, which changes permissions from 0700 to 0701 for the folders on /var/lib/docker and thus allows any user to traverse those paths.
Additionally to browsing the container's files, those are also possible:
I know there are more secure ways to run Docker than the out-of-the-box configuration, and I acknowledge that I'm not the most familiar person with Docker's security model, so maybe this issue is bogus or it's well-known that an unprivileged user can do this, but it is surprising regardless.
Steps to reproduce the issue:
As a proof of concept for this last case, I built a simple Ubuntu 20.04 container where I gave SUID permissions to "cat", and uploaded it to
joanbm/test-suid
, using this Dockerfile:On an Ubuntu 20.04 host, as some user who can run containers, launch this container with a simple sleep command:
docker run --rm -d joanbm/test-suid sleep 9999999
Than, as an unprivileged user with no permissions related to Docker, run:
$(mount | grep merged | cut -f3 -d" ")/usr/bin/cat /etc/shadow
And it will print the content of /etc/shadow on the host, from the command run by the unprivileged user, which I believe should not normally happen. Note this could also easily be used to launch a root shell by giving SUID to the shell instead of cat.
Describe the results you received:
An unprivileged user with no extra permissions related to Docker can access, a running container's files, potentially modify them, and run SUID binaries.
Describe the results you expected:
The unprivileged user should have no access to the container's files.
Output of
docker version
:Output of
docker info
:Additional environment details (AWS, VirtualBox, physical, etc.):
DigitalOcean $5 Ubuntu 20.04 droplet. (It also reproduces on my bare metal Arch Linux install.)
The text was updated successfully, but these errors were encountered: