Lemmy: Bestiverse
  • Communities
  • Create Post
  • Create Community
  • heart
    Support Lemmy
  • search
    Search
  • Login
  • Sign Up
tofu@lemmy.nocturnal.garden to Selfhosted@lemmy.worldEnglish · 9 months ago

Restricting Docker Socket Proxy by Container

blog.foxxmd.dev

external-link
message-square
8
link
fedilink
30
external-link

Restricting Docker Socket Proxy by Container

blog.foxxmd.dev

tofu@lemmy.nocturnal.garden to Selfhosted@lemmy.worldEnglish · 9 months ago
message-square
8
link
fedilink
Further enhance security for socket-proxy usage with this one wierd trick

Cross posted from: https://lemmy.nocturnal.garden/post/294603

  • lefaucet@slrpnk.net
    link
    fedilink
    English
    arrow-up
    3
    ·
    9 months ago

    Does this apply to podman as well?

    • tofu@lemmy.nocturnal.gardenOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      9 months ago

      Good question, I don’t know if Podman has a thing like Docker socket

      • Static_Rocket@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        ·
        9 months ago

        It does, but it’s disabled by default. It’s explicitly for docker compatibility though, not a core part of the application.

Selfhosted@lemmy.world

selfhosted@lemmy.world

Subscribe from Remote Instance

Create a post
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !selfhosted@lemmy.world

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don’t duplicate the full text of your blog or readme if you’re providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.

Resources:

  • selfh.st Newsletter and index of selfhosted software and apps
  • awesome-selfhosted software
  • awesome-sysadmin resources
  • Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

Visibility: Public
globe

This community can be federated to other instances and be posted/commented in by their users.

  • 460 users / day
  • 2.64K users / week
  • 6.45K users / month
  • 16.4K users / 6 months
  • 1 local subscriber
  • 60.4K subscribers
  • 3.98K Posts
  • 92.4K Comments
  • Modlog
  • mods:
  • Ruud@lemmy.world
  • Loki@lemmy.world
  • CannaVet@lemmy.world
  • devve@lemmy.world
  • ayyy@sh.itjust.works
  • curbstickle@anarchist.nexus
  • curbstickle_lw@lemmy.world
  • BE: 0.19.15
  • Modlog
  • Instances
  • Docs
  • Code
  • join-lemmy.org