As organizations continue to evaluate wider spread use of containerization to enable continuous deployment, security concerns around the wildly popular Docker keep popping up. Last week, an analyst with Gartner published a report that gave Docker security positive marks with some big caveats.
Written by Joerg Fritsch, the report examined the security properties of Docker. According to Fritsch, Docker is effective at resource isolation and has already come close to parity with Linux OS and hypervisors in secure operations management and configuration governance. But where Docker containers fall short is on the management end.
“They disappoint when it comes to secure administration and management, and in support for common controls for confidentiality, integrity and availability,” Fritsch wrote, explaining that this could improve as Docker refines its libswarm and nsenter APIs.
As things stand, Fritsch recommends that organizations that don’t need to emulate a virtual private system should standardize on nsenter for interacting with running containers, and protect nsenter by limiting the input set. He also recommends that when working at scale, organizations should select a framework for managing resources and deploying containers, and consider using SSL/TLS wrappers for the Docker/Swarm API for the sake of integrity and confidentiality.
Meanwhile, Fritsch particularly calls out the lack of endpoint protection platform and encryption tools for Docker containers, explaining that the outlook is “grim” on this front.
“Traditional EPP and encryption vendors have not yet recognized containers as an area that they need to pursue and secure in the future,” he says, explaining that organizations have to mitigate risks through application whitelisting, SELinux or by using a strategic DevOps tool chain to automate and secure their containers, essentially making “containers self-assessing entities.”
Third party vendors may take more note of Docker as 2015 progresses, particularly if Docker’s growth follows the same trajectory it did in 2014. From June to October alone, Docker’s downloads grew from 3 million to 21 million. And last fall Docker received venture support for future growth by way of $40 million in additional funding—following up a previous round of $15 million in funding earlier in the year.
However, security concerns around Docker have started to gather like storm clouds. In fact, security objections over Docker were a big reason for the introduction of the Rocket containerization project by CoreOS in early December. That announcement came swiftly on the heels of the release of the 1.3.2 version of Docker Engine, which took care of a number of vulnerabilities that could be exploited through a malicious Dockerfile, image or registry. It also added a security feature for validation of images in containers. However, by late December, security pros were knocking that verification function.
“Docker’s report that a downloaded image is “verified” is based solely on the presence of a signed manifest, and Docker never verifies the image checksum from the manifest,” wrote Jonathan Rudenberg, co-founder of Flynn, in a long explanation of the insecurities in Docker’s image downloading process. “An attacker could provide any image alongside a signed manifest. This opens the door to a number of serious vulnerabilities.”
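To make Rudenberg's point concrete, here is an added illustration (not code from Docker, Flynn or the article) of the difference between checking only that a manifest is signed and also checking that each downloaded layer matches the digest the manifest lists. The manifest layout, the layer contents and the registry that serves swapped bytes are all constructed for the example, and an HMAC-SHA256 over the serialized manifest stands in for the real signature scheme; the structure of the check is what matters, not the signature primitive.

```python
import hashlib
import hmac
import json

# Constructed example key: stands in for the image publisher's signing key.
SIGNING_KEY = b"constructed-example-signing-key"


def sha256_digest(data):
    """Content digest in the 'sha256:<hex>' form that image manifests list per layer."""
    return "sha256:" + hashlib.sha256(data).hexdigest()


def sign_manifest(manifest):
    """Serialize a manifest and sign it. HMAC-SHA256 is an assumed stand-in for
    the real signature scheme; only the shape of the check is illustrated."""
    payload = json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode()
    sig = hmac.new(SIGNING_KEY, payload, hashlib.sha256).hexdigest()
    return payload, sig


def manifest_signature_valid(payload, sig):
    """Check the manifest signature in constant time."""
    expected = hmac.new(SIGNING_KEY, payload, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, sig)


def verify_signature_only(payload, sig, blobs):
    """The weak check the article describes: 'verified' means only that the
    manifest carries a good signature. The layer bytes are never compared to
    the digests in the manifest, so any blobs pass."""
    return manifest_signature_valid(payload, sig)


def verify_signature_and_layers(payload, sig, blobs):
    """The complete check: a valid manifest signature AND every downloaded
    layer hashing to the digest the signed manifest names for it."""
    if not manifest_signature_valid(payload, sig):
        return False
    manifest = json.loads(payload)
    layers = manifest.get("fsLayers", [])
    if len(layers) != len(blobs):
        return False
    for layer, blob in zip(layers, blobs):
        if not hmac.compare_digest(layer.get("blobSum", ""), sha256_digest(blob)):
            return False
    return True


# Constructed sample image: two layers and the manifest a publisher would sign.
GOOD_LAYERS = [b"base layer: constructed contents", b"app layer: constructed contents"]
MANIFEST = {
    "name": "example/app",
    "tag": "latest",
    "fsLayers": [{"blobSum": sha256_digest(b)} for b in GOOD_LAYERS],
}
PAYLOAD, SIGNATURE = sign_manifest(MANIFEST)

# Constructed case of a registry serving different bytes next to the genuine signed manifest.
SWAPPED_LAYERS = [GOOD_LAYERS[0], b"app layer: different contents served by registry"]


def demo():
    """Run both checks against the genuine and the swapped layer sets."""
    return {
        "genuine_sig_only": verify_signature_only(PAYLOAD, SIGNATURE, GOOD_LAYERS),
        "swapped_sig_only": verify_signature_only(PAYLOAD, SIGNATURE, SWAPPED_LAYERS),
        "genuine_full": verify_signature_and_layers(PAYLOAD, SIGNATURE, GOOD_LAYERS),
        "swapped_full": verify_signature_and_layers(PAYLOAD, SIGNATURE, SWAPPED_LAYERS),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The signature-only check reports the swapped layers as verified, exactly the behaviour Rudenberg objected to; the full check rejects them because the second blob no longer hashes to the `blobSum` in the signed manifest. The digest comparison is the piece that binds the signature to the bytes actually unpacked on the host, which is why a signed manifest alone proves nothing about the image content.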