Docker security

Bypassing API firewall

Docker supports third-party plugins that can be used to enforce custom restrictions on the Docker daemon API. An API firewall can be created by regrouping such plugins together. This is not to be confused with the network firewall that can be created using Iptables. This section deal with bypassing or evading the restrictions applied to the Docker daemon REST API using plugins.

Seccomp Unconfined

Mounted directory

Unchecked JSON Structure and Attribute