Difficulty: Beginner
Estimated Time: 10 minutes

This scenario introduces the potential security concerns around docker.sock and what you need to be aware of when providing access to the file in containers.

In this scenario, we explored the potential problems if an attacker gets access to the docker.sock file. Once they have access they have complete control over the host, allowing them to perform privilege escalation and launch privileged containers to gain additional access than the original container.

Dangers of mounting docker.sock

Step 1 of 4

Mounting docker.sock

Containers use the docker.sock file as a way to communicate with the host Docker daemon. Accessing the daemon is used as a way to listen to Docker events, for example, when containers start/stop, to update application configuration. A popular framework using this is nginx-proxy which serves as a load balancer for containers.

Mounting the file is done via the volume flag, for example -v /var/run/docker.sock:/var/run/docker.sock

However, you need to be careful of what images you trust with this file which we'll explore in the next step.

This tab will not be visible to users and provides only information to help authors when creating content.

Creating Katacoda Scenarios

Thanks for creating Katacoda scenarios. This tab is designed to help you as an author have quick access the information you need when creating scenarios.

Here are some useful links to get you started.

Running Katacoda Workshops

If you are planning to use Katacoda for workshops, please contact [email protected] to arrange capacity.

Debugging Scenarios

Below is the response from any background scripts run or files uploaded. This stream can aid debugging scenarios.

If you still need assistance, please contact [email protected]