You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Although it can seem like root inside the container is an independent user, it’s actually the same as the root account on your host. Separation’s only provided by Docker’s container isolation mechanisms. There’s no strong physical boundary; your container’s another process run by the root user on your host’s kernel. This means a vulnerability in your application, the Docker runtime, or the Linux kernel could allow attackers to break out of the container and perform root-privileged operations on your machine.
The text was updated successfully, but these errors were encountered:
Although it can seem like root inside the container is an independent user, it’s actually the same as the root account on your host. Separation’s only provided by Docker’s container isolation mechanisms. There’s no strong physical boundary; your container’s another process run by the root user on your host’s kernel. This means a vulnerability in your application, the Docker runtime, or the Linux kernel could allow attackers to break out of the container and perform root-privileged operations on your machine.
The text was updated successfully, but these errors were encountered: