Security Concern #39429
Unanswered
Regis208
asked this question in
Connector Questions
Security Concern
#39429
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hi,
It is not clearly stated that a port leading to the the docker API port is expose by the service docker_proxy, so the exploit describe here : https://dl.acm.org/doi/fullHtml/10.1145/3607199.3607205 can be deployed against the computer where AirByte is installed.
A warning on all installation tutorials maybe welcomed, even for local installation for test, as it could be on a notebook which may be exposed on a public wifi network.
Disabling the functionality by default forcing the user to acknowledge, at the installation, that he is aware about the issue and that he had taken the appropriate to protect the server from external access to the docker api port.
Beta Was this translation helpful? Give feedback.
All reactions