I’ve installed Rancher server and also deployed the Rancher agent on the host. I was able to see the host in the Rancher server UI.
When I tried to connect to the agent container, I ran the “ps -ef” command and I saw all the host’s processes, and I even managed to kill a host process from within the agent container (!). Is that because it’s running in “Privileged” mode? It seems like a serious security hole.
I was also wondering how Rancher is able to deploy containers to the hosts when it’s not running a “root” agent on the host but a container. Do you have access to run every command on the host itself? How is this happening? Shouldn’t the container be isolated from the host itself?
I tried to start a different container with "--privileged -v /var/run/docker.sock:/var/run/docker.sock",
but still, I see only the container’s processes when I run "ps -ef"; it is still isolated, unlike your agent, which is running on my host.
Is it a serious security hole? Or am I missing something here?
This is the design of Docker. Privileged containers are root on the host, full stop. They can kill any process on the host. The list ps shows is determined by the process group it has joined, but it’s still root and can change that.
The Rancher agent has to be privileged to launch other (potentially privileged) containers.
I understand, but how come I deployed an Ubuntu container with privileged access and still was not able to see the host’s processes and kill them?
It shouldn’t be a problem, because the agent doesn’t expose a public port and no user should be working with it.
It’s a needed host service like others (network, iptables, systemd, …) which runs on a server and needs root permissions.
Instead of a service installed on the host, it is deployed as a container.
Better a privileged agent than a privileged Rancher server container with a publicly reachable port (8080), right?
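As an added example (not from this thread or from Rancher), here is a small audit that walks `docker inspect` output and flags the settings discussed above: `--privileged`, a mounted `/var/run/docker.sock`, and sharing the host PID namespace (`--pid=host`), which is what makes host processes visible to `ps` inside a container regardless of the privileged flag. The container names and JSON below are constructed sample data; on a real host you would feed it the output of `docker inspect $(docker ps -q)`.

```python
import json

# Constructed sample of `docker inspect` output (not real containers). The first
# mirrors the poster's test run (privileged + docker.sock mount, own PID namespace),
# the second additionally shares the host PID namespace, the third is a normal service.
SAMPLE_INSPECT = json.dumps([
    {"Name": "/test-ubuntu",
     "HostConfig": {"Privileged": True, "PidMode": "", "CapAdd": None,
                    "Binds": ["/var/run/docker.sock:/var/run/docker.sock"]}},
    {"Name": "/host-pid-test",
     "HostConfig": {"Privileged": True, "PidMode": "host", "CapAdd": None,
                    "Binds": []}},
    {"Name": "/web",
     "HostConfig": {"Privileged": False, "PidMode": "", "CapAdd": ["NET_ADMIN"],
                    "Binds": ["/data:/data:ro"]}},
])

# Capabilities that by themselves give broad host access (assumed watch-list).
HOST_LEVEL_CAPS = {"SYS_ADMIN", "SYS_PTRACE", "SYS_MODULE"}


def audit_containers(inspect_json):
    """Return {container_name: [findings]} for containers whose HostConfig
    grants host-level access. Input is the JSON text printed by `docker inspect`."""
    findings = {}
    for container in json.loads(inspect_json):
        hc = container.get("HostConfig", {})
        issues = []
        if hc.get("Privileged"):
            issues.append("privileged: effectively root on the host")
        if hc.get("PidMode") == "host":
            issues.append("pid=host: host processes visible and signalable")
        for bind in hc.get("Binds") or []:
            if bind.split(":")[0] == "/var/run/docker.sock":
                issues.append("docker.sock mounted: can start further (privileged) containers")
        for cap in hc.get("CapAdd") or []:
            if cap in HOST_LEVEL_CAPS:
                issues.append(f"capability {cap} added")
        if issues:
            findings[container["Name"].lstrip("/")] = issues
    return findings


if __name__ == "__main__":
    # On a real host: subprocess.check_output(["docker", "inspect", *ids]) instead of SAMPLE_INSPECT.
    for name, issues in audit_containers(SAMPLE_INSPECT).items():
        print(name)
        for issue in issues:
            print("  -", issue)
```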