
Containing Your Containers – It’s Time to Batten Down the Hatches

Another container security vulnerability - this time a hole in Docker's built-in container file copy command (docker cp), which can be used to hijack files on the host server

Docker has been exceptionally successful in adoption with cloud customers. But with great success also comes the attention of the best attackers in the world. Indeed, fairly obscure TOCTOU vulnerabilities are being discovered that, when properly exploited, can result in devastating consequences.

Aleksa Sarai, an Australian undergraduate and SUSE Linux developer who spends his spare time tracking down security holes, discovered a vulnerability in Docker containers - an underlying programming bug in the Docker command-line interface (CLI) tool’s copy file code, now known as CVE-2018-15664. This hole enables an attacker to misdirect file writes intended for container filesystems to the host filesystem. This potentially allows an attacker to get root-level, read-write access to any path on the host server.

This vulnerability could enable an attacker to overwrite the Docker host filesystem with malicious code. With this, containers on a server could be attacked, destroyed, or misused. All released versions of Docker through May 2019 have this security hole.

Technically, the exploit works because, while the Docker cp (copy) command is running, an attacker can plant their own symlink into a path in the milliseconds between when the path is resolved and when it’s actually operated on. This kind of security problem is well known as a Time-of-check Time-of-use (TOCTOU) race condition.


In this particular case, Sarai explained, “The basic premise of this attack is that FollowSymlinkInScope suffers from a fairly fundamental TOCTOU vulnerability. The purpose of FollowSymlinkInScope is to take a given path and safely resolve it as though the process was inside the container.

After the full path has been resolved, the resolved path is passed around a bit and then operated on a bit later (in the case of 'docker cp' it is opened when creating the archive that is streamed to the client). … an attacker can add a symlink component to the path *after* the resolution but *before* it is operated on, then you could end up resolving the symlink path component on the host as root. In the case of 'docker cp' this gives you read *and* write access to any path on the host.”
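The check-then-use shape Sarai describes is easy to see in a few dozen lines. The Python below is an added illustration, not code from this post, from Docker or from Sarai: it builds a throwaway "container rootfs" in a temporary directory, resolves a path inside it and then opens the resolved string, with a hook standing in for the race window, and contrasts that with a hardened reader that walks the path one component at a time relative to a directory descriptor with O_NOFOLLOW on every step. `resolve_in_scope`, `read_file_racy`, `open_in_root_nofollow`, `read_file_safe` and the directory layout are all constructed for the demo; `resolve_in_scope` is a simplified stand-in for FollowSymlinkInScope, and the hardened variant is deliberately stricter than Docker's resolver (it refuses symlink components outright rather than re-rooting them inside the scope).

```python
import os
import tempfile


def resolve_in_scope(root: str, path: str) -> str:
    """Resolve `path` as though `root` were the container's '/', following any
    symlinks, and refuse a result that lands outside `root`.
    Simplified stand-in for Docker's FollowSymlinkInScope (not Docker's code).
    The result is a plain string: nothing stops the directory tree from being
    changed underneath it before the string is used."""
    root = os.path.realpath(root)
    resolved = os.path.realpath(os.path.join(root, path.lstrip("/")))
    if resolved != root and not resolved.startswith(root + os.sep):
        raise PermissionError(f"{path!r} escapes {root!r}")
    return resolved


def read_file_racy(root: str, path: str, between_check_and_use=None) -> bytes:
    """Check-then-use: resolve first, open later by name. The kernel re-walks
    the string at open() time, so a symlink planted in the window is followed.
    `between_check_and_use` is a hook the demo uses to make the window explicit."""
    host_path = resolve_in_scope(root, path)      # time of check
    if between_check_and_use is not None:
        between_check_and_use()                   # the race window
    with open(host_path, "rb") as f:              # time of use
        return f.read()


def open_in_root_nofollow(root: str, path: str) -> int:
    """Walk `path` one component at a time relative to a directory descriptor,
    with O_NOFOLLOW on every step. Each step operates on the directory already
    opened, not on a name that can be swapped, and a symlink component makes
    the open fail instead of being followed. Stricter than Docker's resolver,
    which re-roots symlinks inside the scope rather than refusing them."""
    fd = os.open(root, os.O_RDONLY | os.O_DIRECTORY | os.O_CLOEXEC)
    try:
        parts = [p for p in path.split("/") if p and p != "."]
        for i, part in enumerate(parts):
            if part == "..":
                raise PermissionError("parent traversal is not allowed")
            flags = os.O_RDONLY | os.O_NOFOLLOW | os.O_CLOEXEC
            if i < len(parts) - 1:
                flags |= os.O_DIRECTORY          # intermediate components must be real dirs
            next_fd = os.open(part, flags, dir_fd=fd)
            os.close(fd)
            fd = next_fd
        return fd
    except BaseException:
        os.close(fd)
        raise


def read_file_safe(root: str, path: str) -> bytes:
    """Open through the descriptor walk, then read from the descriptor."""
    with os.fdopen(open_in_root_nofollow(root, path), "rb") as f:
        return f.read()


def demo() -> dict:
    """Constructed scenario in a throwaway temp dir: a fake container rootfs
    containing app/config, and a directory outside it standing in for the host."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "container-rootfs")
        outside = os.path.join(tmp, "host-dir")
        os.makedirs(os.path.join(root, "app"))
        os.makedirs(outside)
        with open(os.path.join(root, "app", "config"), "wb") as f:
            f.write(b"container data")
        with open(os.path.join(outside, "config"), "wb") as f:
            f.write(b"host data")

        def swap_dir_for_symlink():
            # Stands in for the change that happens inside the race window:
            # the already-resolved directory is replaced by a symlink that
            # points outside the scope.
            os.rename(os.path.join(root, "app"), os.path.join(root, "app.orig"))
            os.symlink(outside, os.path.join(root, "app"))

        results = {}
        results["safe_before"] = read_file_safe(root, "app/config")
        results["racy"] = read_file_racy(root, "app/config", swap_dir_for_symlink)
        try:
            read_file_safe(root, "app/config")
            results["safe_after"] = "followed symlink (unexpected)"
        except OSError:
            results["safe_after"] = "refused"
        return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

Running the demo shows the racy reader returning the "host" file even though its scope check passed a moment earlier, while the descriptor walk fails with an OSError as soon as it meets the planted symlink. The design point is that the hardened version never re-resolves a string: every open is relative to a directory it already holds open, so the check and the use are the same operation and there is no window to race. That is the same idea behind the openat2/RESOLVE_IN_ROOT style of resolution, and behind pausing a container while its files are copied.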

Docker states this attack would only work if the container was already compromised and “docker cp” was used to replicate the container files while the copy was being made, a vulnerability window that's only open for a few milliseconds.

And Docker is correct in stipulating that this breakout event can only happen in already compromised containers. However, attackers can keep an inventory of containers and wait for new vulnerability disclosures. It’s also important to understand that the Docker runtime provides the foundation for most modern containerized applications and container orchestration platforms such as Kubernetes. If a Docker runtime program is compromised, an attacker could effectively take control of all containers running on the Docker host.

The TOCTOU vulnerability in the docker CLI command program could be exploited by an attacker or even a rogue developer. A seemingly normal use of the ‘docker cp’ command to write to a container filesystem that uses symlinks could effectively be used to maliciously overwrite host system files.

This new container vulnerability underscores once again the importance of full-stack runtime security for all of your container deployments.

Fortunately, Symantec Cloud Workload Protection (CWP) can protect your Docker containers against the Docker copy command TOCTOU vulnerability across Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), and Oracle Cloud Infrastructure (OCI).


Symantec CWP does this by deploying runtime policies which protect containers with the TOCTOU vulnerability against attacks. In fact, CWP has been providing out-of-the-box protection against this type of attack for more than two years now. As soon as the CWP Docker policy is applied to your policy group, Docker host processes are immediately restricted from writing to arbitrary locations on the host system.

So, while container security problems are eternal, with the right overall security programs these problems can be easily mitigated.


About the Author

Constancio Fernandes

Sr Director, Development

Constancio's team delivers highly elastic SaaS & on-premise software solutions for securing Hybrid Cloud IaaS Server & Container platforms. His expertise is advanced multi-layered security technologies like Host & Container intrusion detection & prevention.
