Skip to content
This repository has been archived by the owner on Oct 19, 2022. It is now read-only.

Security issue: Running a container for second time using a volume that already exists #67

Open
maxi-marufo opened this issue Mar 21, 2019 · 1 comment

Comments

@maxi-marufo
Copy link

I found a small issue when running for second time a container that had used a sshvolume. The first time I do this:

docker run -d
--name sshfs-container
--volume-driver vieux/sshfs
--mount src=sshvolume,target=/app,volume-opt=sshcmd=test@node2:/home/test,volume-opt=password=testpassword
nginx:latest

it creates the volume, and runs the container. But if I run that same command for second time, the volume already exists, so it just runs the container. Maybe this is not a big deal, but if I change the password, it still uses the volume, because the volume is already created and has all the info needed, including the password.

Maybe is not big deal, but I think it could be a security problem in some cases.

@thaJeztah
Copy link

I think that's expected; you're creating a named volume (sshvolume), so that is persisted after the container exits

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants