-
Notifications
You must be signed in to change notification settings - Fork 887
documentation: security best practices for volumes #735
Comments
Context: the discussion started from this blog post and on the rkt-dev mailing list. As far as I understand the scenario in the blog post, the command The So I don't think it is necessary to change the mount options in the rkt mount namespace. (And it would not help) I like your idea of a warning. I suggest we also keep this issue open until the security implications of bind mounting a volume from the host to the pod are properly documented. Security best practices in
|
That makes sense. Thanks a lot @alban! |
Updated title to capture proposal. |
Mounting with nosuid still allows to create setuid binaries, it is just the setuid bit would have no effect. That leaves a possibility of doing |
More ideas for security best practices for volumes:
See: |
To prevent code inside a container from creating objects that could be potential security holes on the host.
Might also show a warning if a container is started and the filesystem used to mount a volume does not have those options ("the filesystem used allows device, executable and suid files to be created, please consider using a separate filesystem with nodev,noexec,nosuid options").
The text was updated successfully, but these errors were encountered: