You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I recommend to use this only for testing purposes.
I've put a webshell on the wordpress website (simulating an attack via a outdated wordpress plugin) and I got full access to the core-os/docker machine:
I'm trying to run this container with the "best practices" of https://github.com/docker/docker-bench-security, and this script shows me that docker-wordpress-nginx is running as root.
So if someone could hijack the wordpress, they would also get root and hijack everything else :D
Anyway, do you know how to this as a normal user instead of root?
The text was updated successfully, but these errors were encountered: