I think we'll see more security incidents involving Docker in the future as it becomes more popular. I have worked with it for a few months now and I can already see a few attack vectors that could easily be exploited if the corresponding Docker features are not used properly.<p>For example, as Docker can by default mount anything that root can mount, running<p><pre><code> docker run -i --volume=/:/data -t ubuntu
</code></pre>
will give you complete root access to your file system in the docker container (the talk mentions some Docker features that will mitigate this kind of attacks, notably UID mapping). Of course no one would willingly do that, but if you mount user resources into your containers and the resource name contains something that an external user might control (e.g. his/her username), then injection attacks become possible. Even with UID mapping enabled this can leak sensitive information about your host system into the container. And since people often use containers to run untrusted code (e.g. for CI systems), this can be a large security threat in my opinion.<p>Personally I really like Docker and I think it (or similar technologies) will change many aspects of IT/Devops/Data Analysis in the future, I just think that maybe they should have some more sensible defaults for security-relevant settings, i.e. only grant network access to containers if you ask for it, restrict default memory usage by default, limit the type of volumes you can mount, etc.