Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1s2lIv-005qNk-K9 for pgsql-admin@arkaria.postgresql.org; Fri, 03 May 2024 05:17:53 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1s2lIs-00616H-VC for pgsql-admin@arkaria.postgresql.org; Fri, 03 May 2024 05:17:51 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1s2lIs-006169-G1 for pgsql-admin@lists.postgresql.org; Fri, 03 May 2024 05:17:51 +0000 Received: from mail-vs1-xe34.google.com ([2607:f8b0:4864:20::e34]) by makus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1s2lIq-001Bty-Kf for pgsql-admin@lists.postgresql.org; Fri, 03 May 2024 05:17:50 +0000 Received: by mail-vs1-xe34.google.com with SMTP id ada2fe7eead31-47eef876f2aso460550137.1 for ; Thu, 02 May 2024 22:17:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1714713467; x=1715318267; darn=lists.postgresql.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=35QIqAepF2H5pj+onPvuwcFXVtxhU9+qo6xYw9nkyAY=; b=VO5kJ6/MMjbKOmrPL+O3KHw8cFgCNIKwUpuV9rgFUA3kRzqwSg7RyL8sk97xu32DjJ Oss0lREdr0G39vaS3ixqcVTh4NdC5gDMjoa6bWbwn9xukKWh6s4WRtGuRb/nTIqetx00 whFsXSLGBFN8yXrAC0g8CYZ420zrEiSawfk08pNvY20VYsvfdlNIfc217g/LBbHzA85C MB84VwklBZCtlOHQDETLdcuHJEIB7zGvfmG0VnFGwxDqLd/AdtZhGy1PVIJBQEoMVkig ewDr4ixH1DVRwY8U9t1sicuBP7nJ86QzFCKOansX5vB7CueT6+NfMqMIrIlxagcmXv4e 9Ufg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714713467; x=1715318267; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=35QIqAepF2H5pj+onPvuwcFXVtxhU9+qo6xYw9nkyAY=; b=F3DAt7yUHu8EKVq1Uq6KMpg4sRcdlvMlVOm+OpLiJ6Basd6HaNozAXc8WzS0pmtDSH AjANWThvGF7d0KY+yz9ih5Hx1Ka6zZGbtBZKDdrbX8BFVSgU1DgxvaRu4lY5G9pTh5pn r6oFeOZjFWBKZJVVGI34g8UtQUqdox0Wt+0fqFzH00GEf9dNJQVqj0uwQckK0VGJ0IVM XlIIzV3kkIL6seMK0KEqUZNCvpKSalAcYqhxqd9KK63lJnAQhxqD5UAyUg5gaT4VMEO0 qxesDBzKLghLEHe4lhIoLuy/o+YdyM+wS3UVd4XX1B2KuqblKCp8jvqklWVytAvifsqQ 9a5g== X-Gm-Message-State: AOJu0YxMuCRztMeu24V6y37gNTl5BGmCzUm2n1qHozXwmobDxA4VvHq0 WJLHRovqkUuYbuOw+nVExIVmxJoC9YVKLfaUR3XDeE7/xg8c4ooXrVpc5bQWxnQUcUZtwZdvYso EUE0K8GHNP6X8frkPjYD/lF39Gdc= X-Google-Smtp-Source: AGHT+IF4vQHhnHJCH3lsLFboCDY7HeQ5p9+POwfhv9qCbwe3MW3By2byQJ/kAGC84PgJfdPW0n3JTI8VvjaoOSk0YTk= X-Received: by 2002:a67:b60a:0:b0:47e:8c3b:b11d with SMTP id d10-20020a67b60a000000b0047e8c3bb11dmr1810371vsm.2.1714713466154; Thu, 02 May 2024 22:17:46 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Kashif Zeeshan Date: Fri, 3 May 2024 10:17:34 +0500 Message-ID: Subject: Re: postgresql in docker to improve security To: vrms Cc: pgsql-admin@lists.postgresql.org Content-Type: multipart/alternative; boundary="0000000000000ab897061785d7fa" List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk --0000000000000ab897061785d7fa Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Fri, May 3, 2024 at 10:14=E2=80=AFAM vrms wrote: > interesting points @Kashif. > > On the other hand I often, that containers are by design ephemeral and > tend to crash. This would be a threat to data integrity (allegedly more > then running in a VM i.e.). > Yes that's true, but for that we have K8 and which can automate the recovery process. > > Admittedly the environment I am working in is not very open to, nor > experienced with container-technology in general, so these claims might b= e > based on hearsay and those issues might not be actual problems any more > these days. > Yes I agree, the technology is changing rapidly but there are still loopholes and what we can do is to avoid as many risks as possible as nothing is 100% secure. > > Any thoughts on that? > > > Also I made a mark in my mind head thad podman, by design, was just a > little more secure then Docker. I think it was due to the fact Containers > can run without the need of requiring root privileges for the user runnin= g > a podman container. > > > > > On 5/3/24 5:23 AM, Kashif Zeeshan wrote: > > Hi > > Yes docker container improves the security and following are the ways it > does. > 1. Isolation : When you run postgres in a container, you are isolating it > from host os and other containers so it limits the attack surface. > 2. Port mapping : By mapping only the necessary container port and > allowing access only using that port limits the attack surface. > 3. You can manage the access privileges of the users that run container > 4. Docker containers use namespaces for process isolation and security. > > Regards > Kashif Zeeshan > Bitnine Global > > On Fri, May 3, 2024 at 3:44=E2=80=AFAM Nguyen, Long (IM&T, St. Lucia) < > Long.Nguyen@csiro.au> wrote: > >> Good day. This is a general db question. >> >> >> >> I start exploring containerisation and start learning docker. Would >> having postgresql in docker improve security in the sense that users cou= ld >> only access to the db through the port mapped to the environment outside= of >> docker, and if they somehow are able to hack and access outside the db, = the >> access is limited within the container not the OS that host the containe= r. >> >> >> >> Thanks. >> > > > > On 5/3/24 5:23 AM, Kashif Zeeshan wrote: > > Hi > > Yes docker container improves the security and following are the ways it > does. > 1. Isolation : When you run postgres in a container, you are isolating it > from host os and other containers so it limits the attack surface. > 2. Port mapping : By mapping only the necessary container port and > allowing access only using that port limits the attack surface. > 3. You can manage the access privileges of the users that run container > 4. Docker containers use namespaces for process isolation and security. > > Regards > Kashif Zeeshan > Bitnine Global > > On Fri, May 3, 2024 at 3:44=E2=80=AFAM Nguyen, Long (IM&T, St. Lucia) < > Long.Nguyen@csiro.au> wrote: > >> Good day. This is a general db question. >> >> >> >> I start exploring containerisation and start learning docker. Would >> having postgresql in docker improve security in the sense that users cou= ld >> only access to the db through the port mapped to the environment outside= of >> docker, and if they somehow are able to hack and access outside the db, = the >> access is limited within the container not the OS that host the containe= r. >> >> >> >> Thanks. >> > --0000000000000ab897061785d7fa Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


=
On Fri, May 3, 2024 at 10:14=E2=80=AF= AM vrms <vrms@netcologne.de>= ; wrote:
=20 =20 =20
in= teresting points @Kashif.

On the other hand I often, that containers are by design ephemeral=C2=A0 and tend to crash. This would be a threat to data integrity (allegedly more then running in a VM i.e.).
Yes that's true, but for that we have K8 and= which can=C2=A0 automate the recovery process.

Admittedly the environment I am working in is not very open to, nor experienced with container-technology in general, so these claims might be based on hearsay and those issues might not be actual problems any more these days.
Yes I agree, the technology=C2=A0is changing rapidly but there ar= e still loopholes and what we can do is to avoid as many risks as possible = as nothing is 100% secure.=C2=A0

Any thoughts on that?


Also I made a mark in my mind head thad podman, by design, was just a little more secure then Docker. I think it was due to the fact Containers can run without the need of requiring root privileges for the user running a podman container.




On 5/3/24 5:23 AM, Kashif Zeeshan wrote:
Hi

Yes docker=C2=A0container=C2=A0improves the security and fol= lowing are the ways it does.
1. Isolation : When you run postgres in a container, you are isolating it from host os and other containers so it limits the attack surface.
2. Port mapping : By mapping only the necessary container port and allowing access only using that port limits the attack=C2=A0surface.
3. You can manage the access privileges=C2=A0of the users th= at run container
4. Docker containers use namespaces for process isolation=C2=A0and security.

Regards
Kashif Zeeshan
Bitnine Global

On Fri, May 3, 2024 at 3:44=E2=80=AFAM Nguyen, Long (IM&T, St. Lucia) <Long.Nguyen@csiro.au= > wrote:

Good day. This is a general db question.

=C2=A0

I start exploring containerisation and start learning docker.=C2=A0 Would having postgresql in docker impro= ve security in the sense that users could only access to the db through the port mapped to the environment outside of docker, and if they somehow are able to hack and access outside the db, the access is limited within the container not the OS that host the container.

=C2=A0

Thanks.




On 5/3/24 5:23 AM, Kashif Zeeshan wrote:
=20
Hi

Yes docker=C2=A0container=C2=A0improves the security and follo= wing are the ways it does.
1. Isolation : When you run postgres in a container, you are isolating it from host os and other containers so it limits the attack surface.
2. Port mapping : By mapping only the necessary container port and allowing access only using that port limits the attack=C2=A0surface.
3. You can manage the access privileges=C2=A0of the users that run container
4. Docker containers use namespaces for process isolation=C2=A0and security.

Regards
Kashif Zeeshan
Bitnine Global

On Fri, May 3, 2024 at 3:44= =E2=80=AFAM Nguyen, Long (IM&T, St. Lucia) <Long.Nguyen@csiro.au> wrote:

Good day. This is a general db question.

=C2=A0

I start exploring containerisation and start learning docker.=C2=A0 Would having postgresql in docker improve security in the sense that users could only access to the db through the port mapped to the environment outside of docker, and if they somehow are able to hack and access outside the db, the access is limited within the container not the OS that host the container.

=C2=A0

Thanks.

--0000000000000ab897061785d7fa--