Docker Community Forums

Share and learn in the Docker community.

Import untrustworthy image into docker?


(Secdocker1) #1

Is it possible to import (and run) images from untrustworthy sources using the “docker import” command without threatening/harming the host server or other docker containers?

If not: Can a “tar” image (or any other format) be sanatized to be imported without harming? What are the main points to consider?

Specially: does the image file (“tar” or what ever) can contain any (docker) commands that can be harmfull?


(Secdocker1) #2

As far as I understand now an export from a container (!) can only (!) contain the filesystem of the exported container and no other files that will/could be executed on the host system during import (like dockerfiles).

So importing an exported container should be totaly fine? Correct?

And running container are isolated from the host and each other. So the running container can’t harm them? (beside Bugs of course)