Uploaded image for project: 'MariaDB MaxScale'
  1. MariaDB MaxScale
  2. MXS-3382

provide non-root container

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Won't Do
    • Affects Version/s: 2.5
    • Fix Version/s: N/A
    • Component/s: N/A
    • Labels:
      None

      Description

      Processes in Docker usually runs as root.

      If someone is able to break out of the container, he has root permissions on the host.

      So it was better to initate the start from maxscale-start and monit with a different user as maxscale.

      Example:
      non-root user docker

        Attachments

          Activity

            People

            Assignee:
            toddstoffel Todd Stoffel
            Reporter:
            Richard Richard Stracke
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Git Integration