The name of this blog post says it all… in some sense, I’m surprised that Docker made this trivial security programming mistake, but perhaps I shouldn’t be, since Docker started out as a much smaller project than the project it grew to become.
20190601/https://duo.com/decipher/docker-bug-allows-root-access-to-host-file-system