
19% of the most popular Docker containers have no root password - farukx
https://techerati.com/news-hub/19-of-the-most-popular-docker-containers-have-no-root-password/
======
londons_explore
Does getting root in a container typically give you access to much more then
the application?

~~~
hultner
Last time I checked docker isn't quite multi tenant oob so a root user could
spy on other containers network traffic which could be a great jumping off
point to gain further access to other parts of the infrastructure.

You could also modify the application logic which the user running the app
shouldn't have in a properly set up container.

