Researchers Reveal Play With Docker Security Vulnerability

Security firm CyberArk reported on Jan. 14 that it discovered a security risk on the popular Play-with-Docker site that could have potentially enabled an attacker to get access to the host system's resources. CyberArk responsibly disclosed the issue to the Play-with-Docker maintainers and the issue has now been fixed. The purpose of the Play-with-Docker (PWD) site is to provide an online resource that easily enables anyone to learn about and play with the popular Docker container application technology. With containers, applications are isolated within an operating system, and the general idea is that users aren't supposed to be able to escape the confines of the container isolation and see the underlying host operating system. "We were able to take advantage of a weakness inherent in Linux containers to perform this research," Nimrod Stoler, Cyber Labs security researcher at CyberArk, told eWEEK. "Unlike virtual machines, which load kernels in every instance, containers share the same kernel code."