If they gained root access to the container, that’s not a moderate vulnerability. Root inside a container is still root. You can still access the kernel with root privs and it’s the same kernel as the host.
I know that? I’m just saying that MS categorised it as such. It would be strange to include the part about MS’s responses if MS also found that the vulnerability was not what the researchers claimed it was.
What I’m saying is something about the story doesn’t add up.
Either Microsoft classified a major issue as a minor one so they didn’t have to payout the bug bounty (quite possible), or the attack didn’t achieve what the researchers thought it did and Microsoft classified it according to it’s actual results.
Docker isn’t, but I was under the impression that hyperscalars tended to put all their containers in lightweight VMs or use something like kata containers anyways for security purposes
MS said they fixed it and categorised it as a “moderate severity vulnerability” so presumably they did in fact gain root access to the container
If they gained root access to the container, that’s not a moderate vulnerability. Root inside a container is still root. You can still access the kernel with root privs and it’s the same kernel as the host.
Docker is not a virtual machine.
I know that? I’m just saying that MS categorised it as such. It would be strange to include the part about MS’s responses if MS also found that the vulnerability was not what the researchers claimed it was.
What I’m saying is something about the story doesn’t add up.
Either Microsoft classified a major issue as a minor one so they didn’t have to payout the bug bounty (quite possible), or the attack didn’t achieve what the researchers thought it did and Microsoft classified it according to it’s actual results.
If I have to choose between either ms or an unknown being correct, I pick the unknown person.
Docker isn’t, but I was under the impression that hyperscalars tended to put all their containers in lightweight VMs or use something like kata containers anyways for security purposes
That assumes the container itself is run as root, right?
I think they gained root to the python env which they couldn’t do anything with because it was still running in docker inside a VM.