Source: https://tbhaxor.com/prevent-container-breakout-privilege-escalation-via-userns-remap/

[Docker](http://www.docker.io) is an open-source project to easily create lightweight, portable, self-sufficient containers from any application. The same container that a developer builds and tests on a laptop can run at scale, in production, on VMs, bare metal, OpenStack clusters, public clouds and more. Docker plays a middleware role between the kernel and the container.

Docker breakout is the operation of bypassing the isolation layer of Docker containers, pivoting to the host, getting access to information in an unauthorized way, and then trying to gain more privilege (privilege escalation). Docker breakout can be achieved through several different attack vectors. The first vector is the threat discussed before: kernel vulnerabilities. Abusing privilege is another Docker breakout technique. Attackers can also use inter-container communication (icc), which allows containers to communicate with each other. To secure Docker, set the `--icc` flag to false, in addition to configuring iptables; in most cases some further options will be required.

Prevent privilege escalation from container breakout by implementing user namespace remapping for the least privileged users.

In my previous posts, I have discussed at length how a user with certain capabilities can escape the docker container and execute commands as root on the host. The naive approach to fixing this issue could be a combination of the following:

- Relinquish the root user privileges before executing ENTRYPOINT in the Dockerfile.
- Implement a firewall to disable privileged containers and mounting of the file system using.

Instead, remap the default root, which is used to spawn containerd-shims and then their child processes, to a separate low-privileged user. This technique is known as User Namespace Remapping in the Docker world. It is then used to map the user and group from inside to outside the container without patching anything in the runtime. Compare this with fakeroot: when you run a program with fakeroot, it injects its interceptor via the LD_PRELOAD and LD_PRELOAD_PATH environment variables and patches the system calls on the fly; for security reasons, it blocks this behaviour for the open() and create() syscall functions. In the case of remapping, containerd runs the program with the mapping written into the uid_map and gid_map files, as shown below.

You can see that the current session is running on behalf of a low-privileged user, student. It is nevertheless allowed to perform all actions on docker, because it has been added to the docker group, which means it can interact with the docker UNIX socket. There are two repositories cloned in the home directory which I will be using to demonstrate the remapping and then try to exploit it.

In the docker-privsec directory you will find a shell script which contains the instructions to implement the remapping. You will find the following contents in the userns-remap.sh script. The first two commands are pretty straightforward: create a user and group named dockremap and set the shell to /bin/false so that it cannot be used for login. If you wish to use a different user, make sure you change this value to that user and group, in the format user:group. You will also see that it updates the /etc/docker/daemon.json file and adds { "userns-remap": "default" } to it. The default value of user namespace remapping in docker points to the dockremap user. Edit the echo line in the file as shown below to support both insecure registries and user namespace remapping. For instance, in one of the applications that I am working on right now, we are saving build time for production releases by reusing the image of the stage environment and replacing the environment file at run time using a bind mount. Lastly, this script reloads the systemd units and then restarts the docker service.

Now dockerd will read this updated configuration from the daemon.json file and map the user in the namespace to dockremap. The docker daemon (dockerd) will create a separate directory in /var/lib/docker/[uid].[gid]. After implementing the namespaces, you won't be able to list the previously pulled images anymore, and this is expected behaviour.

Now go to the $HOME/dockerrootplease directory and edit the Dockerfile as shown in the following diff. This will let you use the fresh parent image from the registry if it is not pulled already. Build the image using the docker build command and give it any tag you want; I am using the short and relevant tag rootme:latest. After copying it, make sure you change the image name used while building. You will find the command to run the exploit in the README.md file, as shown below. Run the docker container as shown below and you will see that it spawns the shell after chroot'ing into the /hostOS directory. You can confirm the container breakout from the process listing, which starts with the /sbin/init process.

Even though the effective user and group id are 0 (root), you won't be able to read the contents of protected files like /etc/shadow or the flag in /root/flag. The container is completely isolated: it cannot even run the directory listing command in the home directory of the root user. The containerd-shim has started the entry point process as the dockremap user, as you can see from the process listing output on the host machine.

Since the remapping information is transparent to the namespace, you can confirm it by reading the uid_map and gid_map files from procfs. Let's ignore the last entry, 65536, for the time being; the first entry in the map file tells you the user or group id in the namespace, while the second entry tells you the user or group id outside of the namespace, which will be used by the kernel on the host. The UID 99999 is mapped within the namespace as UID 0 (root) and is inherited by all the child processes spawned by the first process (entry point). While accessing resources on the file system and elsewhere, the kernel uses this user instead of the namespace user (root) to check the DAC permissions of the resources. Similarly, this mapping works for the GID.
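The uid_map check described above, as an added example that is not part of the original post: it parses the three-column uid_map/gid_map format and the /etc/subuid format, translates a namespace id to the host id the kernel uses for DAC checks, and reports whether remapping is active. The sample map contents are constructed to match the post's 0 -> 99999 mapping with a 65536-id range.

```python
"""Added example (not from the original post): translate container-namespace
ids to host ids using the /proc/<pid>/uid_map and gid_map format the post
reads to confirm userns-remap. All sample inputs below are constructed."""
from typing import List, Optional, Tuple

# Constructed: what /proc/<pid>/uid_map shows inside a remapped container
# (columns: id inside namespace, id on the host, length of the range).
SAMPLE_UID_MAP = "         0      99999      65536\n"

# Constructed: what the same file shows when no remapping is in place.
SAMPLE_UNMAPPED = "         0          0 4294967295\n"

# Constructed /etc/subuid (man 5 subuid) with dockremap's subordinate range.
SAMPLE_SUBUID = "student:165535:65536\ndockremap:99999:65536\n"


def parse_id_map(text: str) -> List[Tuple[int, int, int]]:
    """Parse uid_map/gid_map lines into (ns_start, host_start, length)."""
    entries = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip blank or malformed lines
        ns_start, host_start, length = (int(p) for p in parts)
        entries.append((ns_start, host_start, length))
    return entries


def ns_to_host(ns_id: int, entries: List[Tuple[int, int, int]]) -> Optional[int]:
    """Host id the kernel uses for DAC checks, or None if the id is unmapped."""
    for ns_start, host_start, length in entries:
        if ns_start <= ns_id < ns_start + length:
            return host_start + (ns_id - ns_start)
    return None


def subordinate_range(subuid_text: str, user: str) -> Optional[Tuple[int, int]]:
    """Return (start, count) from /etc/subuid for `user`, or None."""
    for line in subuid_text.splitlines():
        name, start, count = line.strip().split(":")
        if name == user:
            return int(start), int(count)
    return None


def is_remapped(uid_map_text: str) -> bool:
    """True when namespace root (uid 0) is backed by a non-root host uid."""
    host_root = ns_to_host(0, parse_id_map(uid_map_text))
    return host_root is not None and host_root != 0
```

Reading the real file is `open("/proc/self/uid_map").read()` inside the container; an unmapped namespace id has no host identity and is treated by the kernel as the overflow id, which is why the function returns None for it.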