CRITICAL: Deployed containers have no security constraints (capabilities, seccomp, resource limits) #110

Closed
opened 2026-02-20 13:50:16 +01:00 by clawbot · 1 comment
Collaborator

Summary

Containers created by upaas have zero security hardening. User-provided Dockerfiles run with full default Docker capabilities, no seccomp profile, no AppArmor, no resource limits, and RestartPolicyUnlessStopped.

Location

internal/docker/client.go, CreateContainer() method (line ~185)

Impact

This is a PaaS platform — users deploy arbitrary code. Without constraints:

  1. Container escape: Default capabilities include CAP_SYS_ADMIN potential via user namespaces, CAP_NET_RAW for network attacks
  2. Resource exhaustion / DoS: No CPU or memory limits means one app can starve all others and the host
  3. Fork bombs / crypto mining: No process count or resource limits
  4. Network attacks: CAP_NET_RAW allows ARP spoofing, packet sniffing on the Docker network

Current Code

```go
resp, err := c.docker.ContainerCreate(ctx,
    &container.Config{
        Image:        opts.Image,
        Env:          envSlice,
        Labels:       opts.Labels,
        ExposedPorts: exposedPorts,
    },
    &container.HostConfig{
        Mounts:       mounts,
        PortBindings: portBindings,
        NetworkMode:  container.NetworkMode(opts.Network),
        RestartPolicy: container.RestartPolicy{
            Name: container.RestartPolicyUnlessStopped,
        },
    },
    ...
)
```

Suggested Fix

Add to HostConfig:

```go
HostConfig{
    // ... existing fields ...
    SecurityOpt: []string{"no-new-privileges"},
    CapDrop:     []string{"ALL"},
    Resources: container.Resources{
        Memory:    512 * 1024 * 1024, // 512MB default, make configurable
        NanoCPUs:  1000000000,        // 1 CPU default, make configurable
        PidsLimit: int64Ptr(256),
    },
    ReadonlyRootfs: false, // apps may need writable fs, but consider per-app config
}
```

Make limits configurable per-app (add columns to apps table for memory_limit, cpu_limit).

Severity

CRITICAL — Without this, any deployed app can DoS the host or attempt container escape.
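An added example (not upaas code, and not part of the original issue): a Go check that reads `docker inspect` JSON and reports which of the constraints named in this issue each container lacks. The container names and the sample JSON are constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// container holds the `docker inspect` fields the issue names (keys as Docker emits them).
type container struct {
	Name       string
	HostConfig struct {
		CapDrop, SecurityOpt []string
		Memory, NanoCpus     int64
		PidsLimit            *int64 // null, 0 and -1 all mean "unlimited"
	}
}

// Audit maps each container name to the hardening settings it lacks.
func Audit(inspectJSON []byte) (map[string][]string, error) {
	var cs []container
	if err := json.Unmarshal(inspectJSON, &cs); err != nil {
		return nil, err
	}
	out := map[string][]string{}
	for _, c := range cs {
		h := c.HostConfig
		add := func(missing bool, what string) {
			if missing {
				out[c.Name] = append(out[c.Name], what)
			}
		}
		// Space-pad the joined lists so only whole entries match.
		caps := strings.ToUpper(" " + strings.Join(h.CapDrop, " ") + " ")
		opts := " " + strings.Join(h.SecurityOpt, " ") + " "
		add(!strings.Contains(caps, " ALL "), "cap-drop ALL")
		add(!strings.Contains(opts, " no-new-privileges ") && !strings.Contains(opts, " no-new-privileges:true "), "no-new-privileges")
		add(h.Memory <= 0, "memory limit")
		add(h.NanoCpus <= 0, "cpu limit")
		add(h.PidsLimit == nil || *h.PidsLimit <= 0, "pids limit")
	}
	return out, nil
}

// sample is constructed inspect output: a default container and one hardened as the issue suggests.
const sample = `[{"Name":"/app-default","HostConfig":{"CapDrop":null,"SecurityOpt":null,"Memory":0,"NanoCpus":0,"PidsLimit":null}},
 {"Name":"/app-hardened","HostConfig":{"CapDrop":["ALL"],"SecurityOpt":["no-new-privileges"],"Memory":536870912,"NanoCpus":1000000000,"PidsLimit":256}}]`

func main() { fmt.Println(Audit([]byte(sample))) }
```

Feed it the output of `docker inspect` for the containers the platform manages; a container with no findings has no entry in the returned map.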

Owner

WONTFIX, working as intended

sneak closed this issue 2026-02-20 14:29:15 +01:00

Reference: sneak/upaas#110