14 comments

[ 3.7 ms ] story [ 43.8 ms ] thread
I'm confused--what's the security risk in building a container?
You're running untrusted code. Every RUN command in a user's Dockerfile is executed during build, which means you're executing arbitrary commands from strangers on your own infrastructure. If you're not isolating that properly, it's a security risk.
Inside the container though. The whole point of which is that it sandboxes and isolates the running code.
Maybe the default form of RUN is kinda sorta safe [0].

How about ADD? Or COPY? Or RUN —-mount=type=bind,rw…?

Over the last ten years or so we’ve progressed from subtle-ish security holes due to memory unsafety and such to shiny tools in shiny safe languages that have absolutely gaping security and isolation holes by design. Go us.

[0] There is some serious wishful thinking involved there.

> Or RUN —-mount=type=bind,rw…?

This seems to be pretty safe, according to the docs, if I understand them correctly. A bind mount can only mount "context directories" and the rw option will discard the written data, it says.

Containers in linux are primarily a shipping method (as Docker themselves try to inform you with the visual of a shipping container).

Just like real shipping containers, dangerous things inside can leak out - the isolation is not foolproof by any means, in fact if someone has the express wish of violating the isolation boundary it's barely an inconvenience.

The network isn't usually isolated. It build file can arbitrarily switch to the root user

There is some isolation but not complete isolation

Build environments are usually "soft targets" in most environments.

Especially ones that utilize a lot of the "CI/CD" pipeline approach.

Lots of secrets getting pulled from various different places, access to testing environments and testing databases needed for unit testing, access to systems that deploy to testing and prod environments. Sensitive code and secrets from multiple applications being used in the same servers and build infrastructure, etc.

So even if you trust containers to containerize securely (which is a bad idea in practice) there are all sorts of holes being poked in them to allow them integrate and access things. Even during building and testing.

Most security effort for most organizations involve hardening parts of production systems that are exposed to users and/or the internet. This not only involves proofing code and setting up firewalls, WAF, and such things, but also monitoring and whatnot.

That is expensive and a lot of work to do, while in build environments it tends to be more slapped together and people ignore them until something breaks.

You have similar situations with backup solutions. People need backups to secure data from corruption or deletion and protect businesses that way, but seeing them as a potential security hole isn't really thought about in the same way as running a production web server. Again it is something that just enough effort is put into to make sure it works and little attention is given to it unless it breaks.

(comment deleted)
I'm a bit disappointed. I thought the article would have some discussion on how to actually build untrusted container images in a safe way, but it is really just about how to connect to the Depot API and have it do it for you. I imagine there must be something inside there that answers that part (from some of their other articles, maybe that's BuildKit? unsure).
Anyone have advise or links for how to dynamically run untrusted code in production? Specifically NodeJS.

It looks like the isolated-vm package is the go-to, but understandably it prevents things like fetch or being able to import packages.

I’m thinking to use docker and have a single base image that exposes an API that will take an arbitrary string, check for and install imports, then eval (eesh) the code, but before going down the road of implementing it myself and going crazy over properly securing the containers I’m thinking that there has got to be some prior art. How are Codesandbox et al doing it?