Question Authors' Forum

JobeInABox and security

JobeInABox and security

by Tim Hunt -
Number of replies: 2

We are still, slowly, moving towards using jobeinabox as the back-end for our CodeRunner setup. (It is progressing slowly, because we have a bit of an 'if it ain't broke ...' with our existing setup.)

We have just got to consiering the 'network' bit of 'Notes on security' at https://hub.docker.com/r/trampgeek/jobeinabox.

Reading between the lines there, I guess you have a server of your own where the Docker containers run.

We are trying to set this up in a container service (AWS Fargate) and therefore the specific suggestion does not directly apply.

I don't know very much about these things, but with my limited understanding of Docker, I am wondering why we are not using the docker configuration to prevent outgoing Network requests.

We are probably going to try that ourselves, but before we do, I thought I would ask to see if anyone knew more, or had more experience than me. Thanks in advance for any suggestsions anyone has.

In reply to Tim Hunt

Re: JobeInABox and security

by Richard Lobb -
This sounds like an excellent idea, Tim. I don't understand docker networking myself, so the security note advising that the host running the container be appropriately firewalled was just a way to save me from having to figure out how to achieve the same thing within docker. Hopefully someone else on this forum can offer useful advice on how to proceed.
In reply to Richard Lobb

Re: JobeInABox and security

by Tim Hunt -

Thanks Richard.

I've got a meeting next week, with some colleagues who know more about Docker than me, so we might be able to come up with something. I just wanted to know the state of play before that, which now I do.

If anyone else has useful advice, it will be very gratefully received.