Sudo gpasswd -a tomcat docker ! how secure is adding tomcat to docker group?

We assume you are using Bitnami to deploy your application.

  • Which version of the application are you using?:
    Bitnami Jenkins 2.121.3

  • Please choose how you got the application: Installer (Windows, Linux, macOS), cloud image (AWS, GCE, Azure, …) or VM (VMDK, VBOX):

USING BITNAMI IN GOOGLE CLOUD ENGINE

  • Have you installed any plugin or modified any configuration file?:

  • Describe here your question/suggestion/issue (expected and actual results):

wanted docker access to the tomcat user for a jenkins build, so added the tomcat to docker group using

sudo gpasswd -a tomcat docker

_but wanted to know how secure is adding tomcat to docker group ? _
or should i change any configuration file to make it more secure ?

Thanks in advance :slight_smile:

Hi @ndonthinli,

Could you please let us know why you want to add tomcat to the docker group? What are the requirements for that build? Do you need to run a docker command inside a Jenkins’ job?

Thanks

yes i can explain,
the reason i need tomcat in docker group is due to the java testcontainers which needs docker for running tests and as a non root users these tests fail, but when i add tomcat user to docker group it works fine but i do not think its safe like this.
is there any alternative for this ?

Thanks

Hi,

I think that, if you need tomcat to run docker, that would be the way to go. I presume that, in the case the server gets compromised, the attacker could launch containers in your system. I do not think there is a safer way to do this, though.

Hope it helps.

Best regards,

Javier J. Salmerón


Was my answer helpful? Click on :heart:

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.