Thinking outside the box: The Docker socket security concern

The Docker socket is insecure when mounted through to containers, allowing subsequent contains to escape the docker model and root the docker host.

Many use Docker in their CI pipelines; but few everyday users are aware of the security issues surrounding the docker socket on docker hosts and the complications this brings. I want to highlight one such issue with the docker socket when creating docker containers within docker containers.




Daniel Houston

DevOps Team lead at Accenture Latvia

Daniel recently moved from UK to Latvia. Previously, he worked in IBM for around 5 years, where he helped to found the DevOps Department in IBM Cambridge. While he was there he took part in a number of patent groups. He is a named inventor on an Intelligent route navigation, patent no. US9347780 and has some other patents awaiting to be published.