What are the things I can do by mounting /var/run/docker.sock as a volume to a docker container?

ArunMuthu
June 14, 2022
186 views
0 votes
2 Answers

After mounting /var/run/docker.sock to a running docker container, I would like to explore the possibilities. Can I issue docker commands from inside the container, like docker stop? Why is it considered a security risk:- what exact commands could I run as a root user in docker that could possibly compromise the host?

Tags: docker linux

Answers

- dannypas00
- June 14, 2022 at 4:36 pm
- 0 votes
0
I couldn’t give you exact commands to execute since I’m not testing this but I’m assuming you could:
- Execute docker commands, including mounting host volumes to newly spawned docker containers, allowing you to write to the host
- Overwrite the socket to somehow inject arbitrary code into the host
- Escalate privileges to other docker containers running on the same machine
Login or Signup to reply.

- BMitch
- June 14, 2022 at 4:56 pm
- 0 votes
0
It’s trivial to escalate access to the docker socket to a root shell on the host.
```
docker run -it --rm --privileged --pid host debian nsenter -t 1 -m -u -n -i bash
```
Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.