Jérôme Petazzoni

Containers & Docker: How Secure Are They?

This post reviews the various security implications of using Docker to run applications within containers, and how to address them. There are three great areas to consider: the intrinsic security of containers, as implemented by namespaces and cgroups; the specific attack surface of the Docker daemon itself; the “hardening” security features of the kernel and how they interact with containers. We will also discuss how Docker security features compare with other systems.