You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Dockers mechanics are designed to be able to directly publish ports.
Initially i was worried that this was a security flaw. If someone not-authorised has access to the host, and has the ability to run terminal commands, this Docker/iptables relation is the least of our worries.
I'm realising that the ufw-docker is fighting how docker has been designed to function and i'm debating removing the changes i've made to after.rules.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Dockers mechanics are designed to be able to directly publish ports.
Initially i was worried that this was a security flaw. If someone not-authorised has access to the host, and has the ability to run terminal commands, this Docker/iptables relation is the least of our worries.
I'm realising that the ufw-docker is fighting how docker has been designed to function and i'm debating removing the changes i've made to after.rules.
What are peoples thoughts here?
Beta Was this translation helpful? Give feedback.
All reactions