Uploaded image for project: 'Bamboo Data Center'
  1. Bamboo Data Center
  2. BAM-20474

Restrict the ability of mounting volumes in a Docker Runner container only to admins

    XMLWordPrintable

Details

    • Suggestion
    • Resolution: Unresolved
    • None
    • Docker Runner, Security
    • None
    • 0

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

    Description

      Problem Definition

      If the user has permissions enough to create new plans, he can attach volumes to Docker runner containers without any restriction.
      This raises a security concern since if Docker is running as root, a folder with sensitive data inside the host machine can be mounted on this container and the files will/can be manipulated with root permissions.

      Suggested Solution

      It would be a good idea if only Bamboo admins could specify the volumes that can be attached to the Docker Runner container.

      Attachments

        Activity

          People

            Unassigned Unassigned
            gribeiro Gabriel Ribeiro
            Votes:
            3 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated: