unraid-docker-manager/.planning/phases/07-socket-security/07-03-PLAN.md
Lucas Berger fef21fd39a fix(07): revise plans based on checker feedback
- Plan 02: Added Task 4 (checkpoint:human-action) to remove docker.sock
  volume mount from n8n container after verifying proxy works
- Plan 02: Added must_have truth for docker.sock removal (SEC-02 complete)
- Plan 03: Removed "Create API returns 403" from must_haves - container
  create is intentionally ALLOWED for update command functionality
- Plan 03: Added rationale explaining why container create is needed
- Clarified that blocked APIs are: exec, build, commit (not create)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-03 08:48:37 -05:00

---
phase: 07-socket-security
plan: 03
type: execute
wave: 2
depends_on: ["07-01"]
files_modified: []
autonomous: true
must_haves:
  truths:
    - "Exec API endpoint returns 403 Forbidden"
    - "Build API endpoint returns 403 Forbidden"
    - "Commit API endpoint returns 403 Forbidden"
  artifacts: []
  key_links:
    - from: "n8n/curl"
      to: "docker-socket-proxy:2375"
      via: "blocked endpoints"
      pattern: "403 Forbidden"
---
<objective>
Verify that dangerous Docker APIs are blocked by the proxy.
Purpose: Confirm SEC-03 requirement - socket proxy blocks dangerous APIs (exec, build, commit). Note: Container create is intentionally ALLOWED because the update command needs it to recreate containers with new images.
Output: Documented proof that blocked endpoints return 403 Forbidden.
</objective>
<execution_context>
@/home/luc/.claude/get-shit-done/workflows/execute-plan.md
@/home/luc/.claude/get-shit-done/templates/summary.md
</execution_context>
<context>
@.planning/PROJECT.md
@.planning/ROADMAP.md
@.planning/STATE.md
@.planning/phases/07-socket-security/07-CONTEXT.md
@.planning/phases/07-socket-security/07-RESEARCH.md
@.planning/phases/07-socket-security/07-01-SUMMARY.md
</context>
<tasks>
<task type="auto">
<name>Task 1: Test Blocked Endpoints Return 403</name>
<files>None (verification only)</files>
<action>
Test that the proxy correctly blocks dangerous Docker API endpoints.
**Test each blocked endpoint:**
1. **Exec (EXEC=0)** - Attempt to create an exec instance:
```
curl -s -o /dev/null -w "%{http_code}" -X POST 'http://docker-socket-proxy:2375/v1.47/containers/[any-container-id]/exec' -H "Content-Type: application/json" -d '{"Cmd":["echo","test"]}'
```
Expected: 403
2. **Build (BUILD=0)** - Attempt to build an image:
```
curl -s -o /dev/null -w "%{http_code}" -X POST 'http://docker-socket-proxy:2375/v1.47/build'
```
Expected: 403
3. **Commit (COMMIT=0)** - Attempt to commit a container:
```
curl -s -o /dev/null -w "%{http_code}" -X POST 'http://docker-socket-proxy:2375/v1.47/commit?container=[any-container-id]'
```
Expected: 403
**Note:** These tests should be run from inside the n8n container to verify the proxy is blocking correctly from the same network context.
If tests can't be run from n8n directly, document that proxy defaults block these endpoints (tecnativa proxy blocks by default when env vars are 0 or unset).
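The three checks above as one script, added here as an example and not part of the original plan: it adds a positive control (the allowed list-containers call must return 200) and treats curl's `000` (no HTTP response) as unreachable rather than blocked. `PROXY_URL`, the function names and the container-ID argument are assumptions.

```sh
#!/bin/sh
# Added example (not from the plan): SEC-03 check against the socket proxy.
# PROXY_URL, the function names and the CLI argument are assumptions.
PROXY_URL="${PROXY_URL:-http://docker-socket-proxy:2375/v1.47}"

# http_code METHOD URI [JSON_BODY] -> prints the HTTP status. curl prints 000
# when no HTTP response arrived (DNS failure, refused connection, timeout).
http_code() {
  if [ -n "${3:-}" ]; then
    curl -s -o /dev/null -m 5 -w '%{http_code}' -X "$1" \
      -H 'Content-Type: application/json' -d "$3" "$PROXY_URL$2"
  else
    curl -s -o /dev/null -m 5 -w '%{http_code}' -X "$1" "$PROXY_URL$2"
  fi
}

# verdict EXPECTED ACTUAL -> prints PASS, FAIL or UNREACHABLE
verdict() {
  case "$2" in
    000)  echo UNREACHABLE ;;  # no response is not proof of blocking
    "$1") echo PASS ;;
    *)    echo FAIL ;;         # e.g. 404 on exec: the request reached dockerd
  esac
}

# check_sec03 CONTAINER_ID -> one result line per probe; returns 0 only if
# the allowed control returns 200 and all three blocked endpoints return 403.
check_sec03() {
  cid="$1"; failed=0
  while read -r name expect method uri body; do
    code=$(http_code "$method" "$uri" "$body" </dev/null) || true
    result=$(verdict "$expect" "$code")
    echo "$result $name expected=$expect got=$code"
    [ "$result" = PASS ] || failed=1
  done <<EOF
list   200 GET  /containers/json
exec   403 POST /containers/$cid/exec {"Cmd":["echo","test"]}
build  403 POST /build
commit 403 POST /commit?container=$cid
EOF
  return "$failed"
}

# Probe the proxy only when a container ID is given on the command line.
if [ "$#" -gt 0 ]; then check_sec03 "$1"; exit $?; fi
```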
</action>
<verify>
All three blocked endpoints return HTTP 403 status code
</verify>
<done>SEC-03 verified: exec, build, and commit endpoints blocked with 403</done>
</task>
<task type="auto">
<name>Task 2: Document Security Configuration</name>
<files>None (documentation in SUMMARY)</files>
<action>
Document the security posture achieved:
**Allowed operations (required for bot functionality):**
- List containers (GET /containers/json)
- Inspect container (GET /containers/{id}/json)
- Start container (POST /containers/{id}/start)
- Stop container (POST /containers/{id}/stop)
- Restart container (POST /containers/{id}/restart)
- Remove container (DELETE /containers/{id})
- Create container (POST /containers/create) - needed for update command
- List images (GET /images/json)
- Inspect image (GET /images/{id}/json)
- Pull image (POST /images/create)
- Get logs (GET /containers/{id}/logs)
**Blocked operations (security threat):**
- Execute commands inside containers (POST /containers/{id}/exec) - blocks container escape
- Build images (POST /build) - blocks malicious image creation
- Commit containers to images (POST /commit) - blocks image tampering
- Manage secrets (POST /secrets/*) - blocks secret access
- Authentication operations - blocks credential theft
**Security benefit:**
Even if n8n is compromised, an attacker cannot:
- Execute arbitrary commands inside containers (no container escape)
- Build malicious images
- Access Docker secrets
**Why container create is allowed:**
The update command works by: pulling new image -> deleting old container -> creating new container with new image. Container create is necessary for this legitimate workflow operation. The risk of arbitrary container creation is mitigated by the fact that n8n workflow logic controls what containers are created, not external input.
</action>
<verify>
Documentation captured in plan summary
</verify>
<done>Security posture documented for SEC-03</done>
</task>
</tasks>
<verification>
1. Exec endpoint returns 403
2. Build endpoint returns 403
3. Commit endpoint returns 403
4. Security documentation complete
</verification>
<success_criteria>
- All three dangerous endpoints confirmed blocked (exec, build, commit)
- Security posture documented with rationale for allowed operations
</success_criteria>
<output>
After completion, create `.planning/phases/07-socket-security/07-03-SUMMARY.md`
</output>