What should I know if I'm going to run on a publicly accessible ?

I'm asking because I see this warning: "Adding a user to the “docker” group grants them the ability to run containers which can be used to obtain root privileges on the Docker host. Refer to Docker Daemon Attack Surface for more information."



@celia that warning is for companies who should be aware that adding Bob to docker is kind of the same as giving them root privileges, which is probably a bad idea if it was done just for convenience.

In your case I would assume you have control of the VPS, the root and your own user may have that privilege. And you would not harm your own VPS.


@celia I would be more concerned about what you expose to the world: a node http app? I would put a real webserver in front (such as nginx), and stuff like that.


Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.