top | item 22122048

(no title)

tylfin | 6 years ago

Sorry but I'd like to get you started on what is happening inside containers ;P

Specifically can you go into more details about what worries you with containers. Is it insecure images with out of date software, or risky applications inside the containers? Something else?

discuss

mschuster91|6 years ago

Let's imagine your JIRA is insecure, someone owns it and obtains RCE, then does a privilege escalation on the host, whoops suddenly all services are accessible whereas that would have required more steps and owning in the old one-vm/bare metal-server-per-service model.

arpa|6 years ago

Escaping properly namespaced/pivot_root'ed environment and owning a host is non-trivial too.