franga2000 2 days ago

But those containers DON'T have socket access. ONE container has socket access, then it creates other containers WITHOUT socket access. Those containers ARE isolated. Since the untrusted (user provided) code runs in those, the setup is reasonably secure. An RCE in OneDev is an RCE on the host, but that's a completely different threat model. The important part is that user code is isolated, which it is.

▲

hamdingers 2 days ago | parent [-]

> The important part is that user code is isolated, which it is.

It isn't for the reasons I stated in previous comments, which you are unable to refute. Your dogged insistence to the contrary is bizarre.

I hope you do not work in this area.

▲

franga2000 2 days ago | parent [-]

I actually don't know who is misunderstanding who here. I work with containers daily and this is how I understand this situation:

The runner (trusted code) is tasked with taking job specifications from the user (untrusted code) and running them in isolated environments. Correct?

The runner is in a container with a mounted docker socket. It sends a /containers/create request to the socket. It passes a base image, some resource limits and maybe a directory mount for the checked out repository (untrusted code). The code could alternatively be copied instead of mounted. Correct?

The new container is created by dockerd without the socket mounted, because that wasn't specified by the runner ("Volumes": [] or maybe ["/whatever/user/repo/:/repo/"]). Correct?

The untrusted code is now executed inside that container. Because the container was created with no special mounts or privileges, it is as isolated as if it was created manually with docker run. Correct?

The job finishes executing, the runner uses the socket to collect the logs and artifacts, then it destroys the container. Correct?

So please tell me how you think untrusted code could get access to the socket here?

	▲	a day ago \| parent [-]
		[deleted]