Security in Docker
Docker security is very important because Docker is used in production environments. If it is not hardened, private data and information can be lost or fall into the wrong hands.
The first measure for ensuring security in Docker is careful use of the “docker” group. If you do not know how to do this, consult the book “Docker. The first look” by Kevin Watts. Users who have been added to this group can freely access the computer and carry out any task, including modifying the file systems. This is why you need to be careful when adding users to the group. Only trusted users should be added to it.
Docker has also introduced the “--security-opt” flag to the command line. With this flag, users can set AppArmor and SELinux profiles and labels. Suppose that you came up with a policy which allows the container to listen only on Apache ports. If this policy was defined in svirt_apache, then it can be applied to your container by use of the following command:
This makes running docker-in-docker much easier for users, as they will not have to use “docker run --privileged” on the above kernels.
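
An added example, not code from the original page or from the Docker project: a Python check over “docker inspect” output that reports containers still running with --privileged, containers that disable SELinux or AppArmor confinement through --security-opt, and containers missing the expected label type such as svirt_apache. The JSON sample and the container names are constructed for illustration; HostConfig.Privileged and HostConfig.SecurityOpt are the fields “docker inspect” reports.

```python
import json

# Constructed `docker inspect` output for three hypothetical containers.
SAMPLE_INSPECT = json.loads("""
[
  {"Name": "/web",    "HostConfig": {"Privileged": false,
                                     "SecurityOpt": ["label=type:svirt_apache"]}},
  {"Name": "/dind",   "HostConfig": {"Privileged": true,  "SecurityOpt": null}},
  {"Name": "/legacy", "HostConfig": {"Privileged": false,
                                     "SecurityOpt": ["label:disable", "apparmor=unconfined"]}}
]
""")


def normalize(opt):
    """Accept both separators Docker has used: 'label=type:x' and 'label:type:x'."""
    return opt.replace("=", ":", 1)


def audit_container(entry, required_type=None):
    """Return findings for one `docker inspect` entry (empty list means clean)."""
    host = entry.get("HostConfig") or {}
    opts = [normalize(o) for o in (host.get("SecurityOpt") or [])]
    findings = []
    if host.get("Privileged"):
        findings.append("privileged")
    if "label:disable" in opts:
        findings.append("selinux-labeling-disabled")
    if "apparmor:unconfined" in opts:
        findings.append("apparmor-unconfined")
    label_types = [o.split(":", 2)[2] for o in opts if o.startswith("label:type:")]
    if required_type and required_type not in label_types:
        findings.append("missing-label-type:" + required_type)
    return findings


def audit_all(entries, required_types):
    """Map container name -> findings; required_types maps name -> expected SELinux type."""
    report = {}
    for entry in entries:
        name = entry.get("Name", "").lstrip("/")
        report[name] = audit_container(entry, required_types.get(name))
    return report


if __name__ == "__main__":
    for name, findings in audit_all(SAMPLE_INSPECT, {"web": "svirt_apache"}).items():
        print(name, "OK" if not findings else ", ".join(findings))
```

On a real host the same functions can be fed the parsed JSON that “docker inspect” prints for the running containers instead of the constructed sample.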