In my desktop application I have a pfx file that should be protected safely. If I am using docker for this application, how can I protect the pfx file inside the docker. It should not be accessible by the other applications and it should persist throughout the lifetime of the application.
Asked
Active
Viewed 154 times
-2
-
Are you trying to run a Desktop app from inside of docker? This isn't really how docker works as its primarily for headless services or web apps. – newky2k Sep 22 '21 at 07:11
-
Ok.Thanks @newky2k. Currently I am storing the pfx file inside the filesystem. Is there any option to protect the pfx file using dockers. – Anu Hardin Sep 22 '21 at 07:19
-
1Anyone who can run any `docker` command at all can trivially read or write any file on the host system or in any container. By using Docker here you lose the protection you'd get from ordinary filesystem permissions (in effect by requiring the user to run your application as root). – David Maze Sep 22 '21 at 10:12
1 Answers
0
You could mount your pfx file as read only in your container.
By instance, if your file is in your current directory :
With docker-compose
services: app: volumes: - ${PWD}/my_file.pfx:/path/in/container:roWith docker run:
docker run -v ./my_file.pfx:/path/in/container:ro myimage
Etienne Dijon
- 1,093
- 5
- 10