• remram@lemmy.ml
      link
      fedilink
      arrow-up
      1
      arrow-down
      2
      ·
      3 years ago

      This is not insecure. It is surprising if you don’t know how containers work, but in a real deployment you’d only bind to localhost and use a reverse proxy and that is perfectly safe.

        • remram@lemmy.ml
          link
          fedilink
          arrow-up
          1
          ·
          3 years ago

          As I said this is surprising if you don’t know how containers work. This is similar from how e.g. virtual machine networking would trip you. As long as you know how to set things up properly, which is documented at length, Docker is not “insecure”.

          • dandelion@lemmy.ml
            link
            fedilink
            arrow-up
            1
            ·
            3 years ago

            You are saying that if one installs containers or VMs with Qemu or VirtualBox or OpenVZ or LXC or Kubernetes or VMware these technologies will all punch holes to the outside by default despite the iptables setup of the host machine ?

            • remram@lemmy.ml
              link
              fedilink
              arrow-up
              1
              ·
              edit-2
              3 years ago

              So-called “bridged networking” is not the default for VirtualBox but it is recommended for Qemu, yes. In that case only the routing rules on the bridge apply, not the filtering rules on your host’s interface.