bpfd icon indicating copy to clipboard operation
bpfd copied to clipboard
verified publisher icon genuinetools

Docker Detection Easily Broken

Open sargun opened this issue 7 years ago • 1 comments

It appears like Docker detection happens by inspecting /proc/1/cgroup. If the cgroup paths themselves don't include "docker", then the detection fails. This happens if the user decides to control / configure the cgroup path.

I think there may be a couple other heuristics that we can use. Some other options:

  • look for /.dockerenv
  • look for /.dockerinit

sargun avatar Feb 15 '19 00:02 sargun

Please read https://github.com/GoogleContainerTools/kaniko/pull/1686#issuecomment-909399071. The proposed and implemented heuristic has its issues... Just a heads-up.

Silvanoc avatar Aug 31 '21 16:08 Silvanoc