I'll start by saying I am not any kind of developer, and apologising in advance for any particularly stupid queries.I've been playing around with some applications at home on a small single board Ubuntu server, installed via Docker (each of those steps was itself a learning experience). Everything is working well and I'd now like to share some of what I've done with others. I was all set to install what I needed on a Vultr one click Docker install, but then noticed this:SecurityFully securing a system that runs containers is an involved task. This task includes minimizing the attack surface on the Docker daemon. For a system that intends to run containers comparable to how a normal system would run binary apps, it is not as much of a concern. But for multi-tenant container configurations, or container configurations that need isolation (such as for credit card processing), securing the Docker daemon is more important.How worried should I be about this? Right now, I only intend to install a very limited number of Docker applications - likely only one would be running at a time - the main application I was to use has a pre-compiled docker application; installing manually is pretty convoluted. The application itself has a permissioning system, and even then, all the data will be for demonstration only and I don't really care if anyone sees it.But I don't want to be that guy who's incorrectly installed application hosts a botnet or something.
↧