You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Having the application run as regular user is a good idea in general, however, in this case, the user who runs the container is owning its binaries and therefore the rights to modify them. This might not be a big issue if you throw away the container on restart, however there are container orchestrator's that don't do that.
The next thing you might realize is that windows binary. This is not executable on Linux based systems. It might be nothing but I would guess that this binary should not be there at all.
I am not sure if the idea to start writefreely as entrypoint is a good idea, this is far more minor I usually tend to run some configuration scripts as root, that can also be extended by higher layers of the image, and then exec su to an unprivileged
user to run the daemon of the software. One thing you could do with such an entrypoint script is to do writefreely --gen-keys if the keys in the keys volume don't exist, so the user does not have to care about that.
The text was updated successfully, but these errors were encountered:
Thanks for starting this discussion, @zem! I went ahead and moved everything over to this forum thread. I'll close this issue and we can continue the conversation over there. Would love to get your take on implementing these crucial changes for hardening the WriteFreely container!
Describe the bug
When I investigated the Docker container I found some design flaws that could lead to security impacts.
Steps to reproduce (if necessary)
Steps to reproduce the behavior:
Having the application run as regular user is a good idea in general, however, in this case, the user who runs the container is owning its binaries and therefore the rights to modify them. This might not be a big issue if you throw away the container on restart, however there are container orchestrator's that don't do that.
The next thing you might realize is that windows binary. This is not executable on Linux based systems. It might be nothing but I would guess that this binary should not be there at all.
I am not sure if the idea to start writefreely as entrypoint is a good idea, this is far more minor I usually tend to run some configuration scripts as root, that can also be extended by higher layers of the image, and then exec su to an unprivileged
user to run the daemon of the software. One thing you could do with such an entrypoint script is to do writefreely --gen-keys if the keys in the keys volume don't exist, so the user does not have to care about that.
The text was updated successfully, but these errors were encountered: