63 lines
1.7 KiB
Plaintext
63 lines
1.7 KiB
Plaintext
include::../../../shared_content/secrets/description.adoc[]
|
|
|
|
== Why is this an issue?
|
|
|
|
include::../../../shared_content/secrets/rationale.adoc[]
|
|
|
|
If an attacker gains access to a Docker swarm token, they might be able to add new workers or managers to the swarm.
|
|
|
|
=== What is the potential impact?
|
|
|
|
An attacker with control over a manager or worker node might be able to access sensitive information pushed to those malicious nodes. If the compromised token allows joining a
|
|
manager node to the swarm, this one could compromise other legitimate nodes by pushing
|
|
malicious tasks to them.
|
|
|
|
include::../../../shared_content/secrets/impact/data_compromise.adoc[]
|
|
|
|
:service_name: Docker Swarm
|
|
|
|
include::../../../shared_content/secrets/impact/infrastructure_takeover.adoc[]
|
|
|
|
|
|
== How to fix it
|
|
|
|
include::../../../shared_content/secrets/fix/revoke.adoc[]
|
|
|
|
include::../../../shared_content/secrets/fix/vault.adoc[]
|
|
|
|
=== Code examples
|
|
|
|
==== Noncompliant code example
|
|
|
|
[source,java,diff-id=1,diff-type=noncompliant]
|
|
----
|
|
SwarmJoin swarmJoin = new SwarmJoin();
|
|
|
|
swarmJoin.getRemoteAddrs().add("103.214.142.16:2377");
|
|
swarmJoin.setJoinToken("SWMTKN-1-0o98pf607edyse6ncy7j3z5tjz5ehz6wdmmlevttk55nkgpyh1-pq3hfd1utmhpjnd5hvom0z6va");
|
|
----
|
|
|
|
==== Compliant solution
|
|
|
|
[source,java,diff-id=1,diff-type=compliant]
|
|
----
|
|
SwarmJoin swarmJoin = new SwarmJoin();
|
|
|
|
swarmJoin.getRemoteAddrs().add("103.214.142.16:2377");
|
|
swarmJoin.setJoinToken(System.getenv("JOIN_TOKEN"));
|
|
----
|
|
|
|
//=== How does this work?
|
|
|
|
//=== Pitfalls
|
|
|
|
//=== Going the extra mile
|
|
|
|
== Resources
|
|
|
|
=== Documentation
|
|
|
|
Docker Documentation - https://docs.docker.com/reference/cli/docker/swarm/join-token/[docker swarm join-token]
|
|
|
|
include::../../../shared_content/secrets/resources/standards.adoc[]
|