Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Are you sure about that? Because I was under the impression that these firewall rules are configured by Docker. So if you use Docker Compose with Podman emulating the Docker socket, this shouldn’t happen.

Maybe someone more knowledgeable can comment.



I think you are both correct, see https://news.ycombinator.com/item?id=42602429 - the socket would still listen on 0.0.0.0 but podman would not punch holes.


Aha, thanks for confirming! Yes, this was the behavior I was talking about.

I encountered it with Docker on NixOS and found it confusing. They have since documented this behavior: https://search.nixos.org/options?channel=24.11&show=virtuali...




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: