Vulnerability Analysis and Security Research of Docker Container

Docker is an open source application container engine that enables users to pack applications and rely on packages to portable containers. However, Docker also has concerns about security. This paper starts from four aspects of Docker vulnerability, including file system isolation, process and communication isolation, device management and host resource constraints, network isolation and image transmission. Interact with the security module of Linux kernel to enhance the security of Docker, and take active and effective measures to enhance the security of Docker. This paper presents a general picture of current Docker security research, explores and looks into the development trend of Docker security research, and lays a good foundation for the better application of Docker in production.