Comment on What's the real danger of opening ports?
possiblylinux127@lemmy.zip 3 weeks agoYes and no
Breaking out of docker in a real life context would require either a massive misconfiguration or a major security vulnerability. Chances are you aren’t going to have much in the way of lateral movement but it is always good to have defense in depth.
Technus@lemmy.zip 3 weeks ago
If someone’s self-hosting, I’d be willing to bet they don’t have the same hardened config or isolation that a cloud provider would.
possiblylinux127@lemmy.zip 3 weeks ago
Docker restricts the permissions of software running in the container. It is hardened by default and you need to manually grant permissions in some rare cases.