
When using docker login it saves my credentials to ~/.docker/config.json as base64.

It also states that it's safer to use a credentials store and helper, because:

Using an external store is more secure than storing credentials in the Docker configuration file.

That sounds good, but lacks detail.

I have two threat models:

  • On my personal machine: I'm the only user, and my home directory is protected anyway - so only I and root can access the file (and I am root).
  • In a server managed by automation (ansible): there are only two users, the automation and root users (both me).

I prefer more security, but in my environment and threat model this just seems like busywork.

In these use cases, why is it more secure to use a credential store? Are there actual practical risks which I've neglected?

lonix
  • Keeping secrets in the docker file means you also keep them in the code repository. If the repo is leaked (exposed to public for example) you shared both the code and the secret. – Amirshk Jul 31 '23 at 15:54
  • @Amirshk No, it's not in source control. The path `~/.docker/config.json` is the location of the config file, not of source code. – lonix Jul 31 '23 at 16:09
  • _On my personal machine: I'm the only user, and my home directory is protected anyway - so only I and root can access the file (and I am root)._ > If your laptop gets stolen, though, or if you have ransomware, or someone makes it onto your server and uses a privilege escalation exploit, just copying the file can allow the attacker to use your Docker repository, so that's not really the safest bet here. – β.εηοιτ.βε Aug 02 '23 at 21:05
  • @β.εηοιτ.βε Yeah, that's true. When someone accesses your personal machine the game is over completely, so I wonder whether it's worth the time worrying about it. But the privilege escalation exploit is more "real" and concerning... I always wonder whether those sorts of attacks in the real world are just a "bogeyman" to frighten people into spending more money on security or are a common threat; I've never encountered such a thing in a well-managed environment. Very concerning though. Good risk assessment, thanks... I have a lot to think about now. – lonix Aug 02 '23 at 23:47
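An added example (not from the question or its comments) that makes the point behind the question concrete: the `auth` value `docker login` writes to `~/.docker/config.json` is plain base64 of `username:password`, so any process or person that can read the file recovers the password in one decode, whereas with `credsStore` or `credHelpers` configured the file holds only the registry name and a helper reference. The script below audits a config for inline credentials versus delegated registries. The two config bodies, the username and the password are constructed for this example; the helper name `pass` stands for whichever `docker-credential-*` helper is installed.

```python
import base64
import json

# Constructed sample of ~/.docker/config.json after `docker login` with no
# credential helper: the "auth" value is base64("username:password"), nothing more.
# The username and password are invented for this example.
SAMPLE_CONFIG_NO_HELPER = json.dumps({
    "auths": {
        "https://index.docker.io/v1/": {
            "auth": base64.b64encode(b"exampleuser:examplepassword").decode()
        }
    }
})

# Constructed sample after switching to a credential store: the registry key
# stays, the "auth" value is gone, and "credsStore" names the helper (assumed "pass").
SAMPLE_CONFIG_WITH_STORE = json.dumps({
    "auths": {"https://index.docker.io/v1/": {}},
    "credsStore": "pass"
})


def decode_docker_auth(auth_value: str):
    """Decode a config.json 'auth' field into (username, password).

    The field is base64 of 'username:password'. Base64 is an encoding, not
    encryption, so file read access is equivalent to having the password.
    """
    raw = base64.b64decode(auth_value).decode("utf-8")
    username, _, password = raw.partition(":")
    return username, password


def audit_docker_config(config_text: str):
    """Classify each registry in a config.json as holding a recoverable
    credential inline or as delegated to a credential helper."""
    cfg = json.loads(config_text)
    report = {
        "creds_store": cfg.get("credsStore"),      # default helper for all registries
        "cred_helpers": cfg.get("credHelpers", {}), # per-registry helper overrides
        "inline_credentials": {},                   # registry -> username (password not echoed)
        "delegated": [],                            # registries handled by a helper
    }
    for registry, entry in cfg.get("auths", {}).items():
        if "auth" in entry:
            username, _password = decode_docker_auth(entry["auth"])
            report["inline_credentials"][registry] = username
        elif registry in report["cred_helpers"] or report["creds_store"]:
            report["delegated"].append(registry)
    return report


if __name__ == "__main__":
    for label, text in (("no helper", SAMPLE_CONFIG_NO_HELPER),
                        ("with credsStore", SAMPLE_CONFIG_WITH_STORE)):
        print(label, audit_docker_config(text))
```

Run against a real `~/.docker/config.json` (by passing the file's contents to `audit_docker_config`), a non-empty `inline_credentials` map means the registry password sits on disk protected only by file permissions; that is exactly the copy-the-file scenario raised in the comments, and it applies equally to an automation account on a server.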
