Is “fly launch –dockerfile” safe to use with untrusted Dockerfiles? [REPOST]

v-yanakiev · March 6, 2025, 11:05am

As part of a system to run untrusted user code, I’ve considered allowing users to define their own execution environments using a Dockerfile.

So: is calling “fly launch --dockerfile pathToUserDockerfile --name someUserApp” safe? That is, is there some Dockerfile that would allow a user to gain control of the machine calling “fly launch”?

(Reposted from: Is "fly launch --dockerfile" safe to use with untrusted Dockerfiles?)

rubys · March 6, 2025, 2:05pm

I wish I had enough security chops to give you a definitive answer, but my understanding is that what you described is intended to be safe, with (at least?) two caveats:

for you to run fly launch you need an access token or macaroon. If you make that secret available to the app you launched, that app can do some mischief.
if you launch an app in the same org as your machine, it will be in the same private network. If your machine has ports open, it can access them.

system · March 13, 2025, 2:05pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Is "fly launch --dockerfile" safe to use with untrusted Dockerfiles? machines , flyctl , security , builders	1	24	February 2, 2025
On demand docker container spinup for safe user code execution Questions / Help	9	1382	March 20, 2023
finite lifetime private workers	9	451	December 2, 2021
Deploying user-code with fly machines API - how to create docker images? Questions / Help machines , registry	2	501	September 15, 2023
noob conceptual question	2	324	February 18, 2023

Is “fly launch –dockerfile” safe to use with untrusted Dockerfiles? [REPOST]

Related topics