Hello again and welcome back to the Security Sprint second edition ;)
Keeping with last week's topic, I'm going further into container security. This time we are going to look at the danger inside Elasticsearch, a distributed, RESTful search and analytics engine.
To make my point clear, let's first launch a container running Elasticsearch. I'm using version 1.4.2 on purpose.
# docker run -d -p 9200:9200 --name es benhall/elasticsearch:1.4.2
By default Docker drops certain Linux capabilities and blocks syscalls to add a default level of security....