zlacker

[parent] [thread] 2 comments
1. Volund+(OP)[view] [source] 2025-01-05 16:05:15
Do you not run firewalls on your internal facing machines to make sure they only have the correct ports exposed?

Security isn't just an at the edge thing.

replies(1): >>globul+Cx1
2. globul+Cx1[view] [source] 2025-01-06 07:47:53
>>Volund+(OP)
No. That would be incredibly annoying and it's probably why docker overrides it as it would cause all manner of confusion.
replies(1): >>Volund+xa2
◧◩
3. Volund+xa2[view] [source] [discussion] 2025-01-06 14:50:26
>>globul+Cx1
You really, really should. Just because someone is inside your network is no reason to just give them the keys to the kingdom.

And I don't see any reason why having to allow a postgres or apache or whatever run through docker through your firewall any more confusing than allowing them through your firewall installed via APT. It's mor confusing that the firewall DOESN'T protect docker services like everything else.

[go to top]