Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
mixologist
on April 14, 2019
|
parent
|
context
|
favorite
| on:
CVE-2019-9193: Not a Security Vulnerability
If this is CVE, what is Docker then? :)
Anyone with privileges to run docker image is basically root on your host.
imtringued
on April 14, 2019
[–]
This is why you should never add your user to the docker group. Just use `sudo docker` or put your docker commands in a script that can only be edited by root and execute the script via sudo with NOPASSWD.
ahachete
on April 14, 2019
|
parent
[–]
Much better: replace Docker with
https://podman.io/
, which runs with user privileges, no root.
Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
Anyone with privileges to run docker image is basically root on your host.