This repository was archived by the owner on Nov 19, 2021. It is now read-only.
This repository was archived by the owner on Nov 19, 2021. It is now read-only.
Risky data exposed to public access #32
Description
Hi,
I'm a security researcher and am doing some study of public docker images. I found some misconfigurations in your docker image smmccabe/docker may expose some sensitive data. I want to report these potential issues to you so you can fix them if necessary.
The data exposure I found includes:
- git files: like /imagick/.gitignore, /imagick/.git/*,
- docker files: like /imagick/docker-compose.yml , /imagick/docker/fedora/Dockerfile, /imagick/docker/developing/Dockerfile, /imagick/docker/installImageMagick.sh
Would it be better to block these accesses in your docker image? If you want, I can also help fix them by creating pull requests on your git repo. Please let me know what you think. Thanks!
Best Regards,