Comment on Security and docker
just_another_person@lemmy.world 3 months ago
This is not true. Perhaps on an already at-risk or exploitable machine, but even then it’s not trivial, and this is not a widespread thing that happens everywhere all the time.
kevincox@lemmy.ml 3 months ago
It is. Privilege escalation vulnerabilities are common. There is basically a 100% chance of unpatched container escapes in the Linux kernel. Some of these are very likely privately known and available for sale. So even if you are fully patched, a resourceful attacker will escape the container.
That being said, if you are a low-value regular-joe patching regularly, the risk is relatively low.