Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Docker scout - docker's official vulnerabilty and policy scanner [Unraid Security]

Featured Replies

Docker recently release Docker Scout.

I think it would be interesting at least to have the scout-cli already included in Unraid by default. An step further would be an additional page in unraid to see a report of the vulnerabilities found, the command line is pretty simple and the output could be easily formated for a web internface.

https://docs.docker.com/scout/

https://github.com/docker/scout-cli

https://docs.docker.com/scout/dashboard (this is only docker hub, doesn't apply just interesting)

 

@primeval_god I think it might be of your interest since you are already adding the compose packages via plugin, although official support would be ideal

 

 

 

 

Edited by L0rdRaiden

This looks like a tool for docker images developers. I am not sure of how much utility it would be for unRAID users.

  • Author
3 hours ago, primeval_god said:

This looks like a tool for docker images developers. I am not sure of how much utility it would be for unRAID users.

 

It's a tool that can give you all the vulnerabilities and misconfigurations of the local images.

Is meant for devs in an enterprise environment because enterprises don't use docker CLI in production or preprod environments but since unRAID does we can use it to have this information about the security vulnerabilities of the images used by the containers.

Right but the things it reports arent things that the user can do anything about (unless they are willing to build there own docker images that is). Its primary audience would be the developers who build the images. The majority of unRAID users aren't building their own images, or even getting them from Docker hub i would wager, they are using what is available in CA.

  • Author
On 11/8/2023 at 9:42 PM, primeval_god said:

Right but the things it reports arent things that the user can do anything about (unless they are willing to build there own docker images that is). Its primary audience would be the developers who build the images. The majority of unRAID users aren't building their own images, or even getting them from Docker hub i would wager, they are using what is available in CA.

 

 

Unraid apps catalog contains many dead projects, abandoned images, etc. mainly because you are force to use docker run instead compose so people in the community in many cases have done custom images to overcome unraid's limitations, like when needs more than 1 image to work, any project like this requires a custom unofficial image to be an app in Unraid's catalog.

 

The reports are useful to understand the vulnerabilities of the images and act about it, you can do a lot, like using another image or not using it at all because is a service that you have published on internet and is vulnerable to a remote attack.

 

  • 1 month later...
  • Author

any chance someone can add this packages via plugin?

  • 5 months later...

I would like to use this plugin to scan for vulnerabilities

As a result I would like to uninstall them if they have to much open unsolved issues or maybe contact the developersto inform them about it.

This type of security scans should be available inside a basic toolbox of every unRaid user.

 

Another thing is... As soon as you put any of the containers in an Internet reachable environment, then every script kiddy can do the scout scan of the unRaid container by themself and use the list of CVEs to hack your services easily.

 

A perfect solution would be to see the scan results of the scout before you even install the container and to warn the user if a updated container include new vulnerabilities.

Edited by HelixX23
misspelling in autocorrection

  • 2 months later...
  • Author

Anyone can do a plugin for docker scout please?

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.