Play AppSec WarGames
Want to skill-up in secure coding and AppSec? Try SecDim Wargames to learn how to find, hack and fix security vulnerabilities inspired by real-world incidents.
Running a process as root in a container vs running a container as root
Running a container as a root is dangerous. But why? Let’s first understand what is the difference between running a process as root in a container vs running containers as root. Then see in practice the extend of a compromise when a program inside root container has ImageTragick bug.
IMPORTANT: You must first create the user on the host and then in the container. UID (1337) must exists in both container and host. This step was skipped in the livecast.
Lab: Root and ImageTragick - SecDim
Livecast: 5th April 2022, 6pm AEST, 10am CEDT
