command execution should be prevented by context

[aniruddhas]

⚠️ Please verify that this bug has NOT been reported before.

• I checked and didn't find similar issue

🛡️ Security Policy

• I agree to have read this project Security Policy

Description

First of all, Thanks for this awesome project and great work!
You've implemented a superb feature to ensure security of the host. This is evident by allowing only these commands in console tab: "docker, ls, cd, dir"
Unfortunately, I ran into an issue when I executed "docker exec -it container sh"
I couldn't exit it, as it's prohibited.

👟 Reproduction steps

Download this dockge image as recommended:
louislam/dockge:1

1. Import your containers/ let dockge manage your containers
2. Try to use docker attach / exec shell to any container
3. Try exiting.

👀 Expected behavior

exit command should be allowed in the context

😓 Actual Behavior

can't exit.

Dockge Version

1

💻 Operating System and Arch

Debian bullseye

🌐 Browser

Firefox Nightly

🐋 Docker Version

Docker 25

🟩 NodeJS Version

NA

📝 Relevant log output

NA

[aniruddhas]

Had to restart the container to which I had attached from console.
If console has an option to kill current session, that should also suffice instead of getting into complicated contextualisation of commands.

[FireFingers21]

There are also issues with other commands like docker image prune where the shell asks for confirmation with "Are you sure you want to continue? [y/N]". Typing y or n isn't allowed so you're essentially stuck unless you Ctrl+C to abort.

[mattdavis90]

I was about to open another issue for this but I think it's sufficiently related that putting it here makes sense - apologies if you disagree. The allowed list of commands is only check in a basic way. For instance

ls # works
id # doesn't work
ls; id # doesn't work
ls && id # both commands run correctly

Essentially && can be used as an escape. For the additional context of this thread you could probably use this to ls && exit your docker command, and you could try docker image prune -f to avoid input.

[dengesCU]

Came here to say what @mattdavis90 said. I actually didn't even try

ls && id # both commands run correctly

but I found that

ls ; id

does work ( the space after ls is important).

[FlorianFreudiger]

Maybe I am missing something here, but isn't access to Dockge not already equivalent to root access on the host anyway?

If so, why are we even trying to filter commands at all?
Or am I misunderstanding and this isn't a security feature but a safety feature?
(e.g. for example to prevent commands that would display incorrectly in such a web-shell)

Because if this is for security, there a probably many ways such filters can be bypassed. I feel like trying to chase all of them down is unnecessary effort.

Given the docker command is allowed and seemingly unrestricted there are many documented ways to escape to the host

I have been able to run

docker run -it --privileged -v /:/host/ ubuntu bash

which maps the whole filesystem of the host into the /host directory. If someone would want to do damage they could just replace the bash command with rm -rf .... , similarly you could map devices, add capabilities, ...
And while Dockge could try to filter the contents of the docker command this might just be a cat-and-mouse game

Completely turning off this Console feature like @louislam planned in #41 (comment) might be better,
but can't someone with access just create a new stack with the same problematic options?