PostgreSQL image is open to the world #3
Comments
|
That is a file in the volume and thus configurable or replaceable by the user. Besides, all containers are inside the NAT and only exposed to external networking with You can also disable icc to prevent all containers from talking to it as well (excepting those connected with --link). https://docs.docker.com/articles/networking/ |
|
Indeed, I'd echo what @yosifkit has said - if you disable inter-container-communication via |
|
Thanks for your comments and opinion on this. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi,
is there any good reason I am not aware of why this postgres installation should be open to the world by this line inside docker-entrypoint.sh:
host all all 0.0.0.0/0 trustIsn't it a better way to allow the postgres user to authenticate via password and set a default password once at startup. This way the password can be changed after starting the container via psql.
Best regards
Ingo
The text was updated successfully, but these errors were encountered: