docker-bastion

History

Fabian @ Blax Software 964bb394db feat(examples): docker-mailserver "fake VPS" scoped to one directory A disposable jail container that bind-mounts only one directory; the bastion's FORCE_COMMAND drops every SSH session into an interactive shell inside it. The jail's own root fs is throwaway image data, so the only host data reachable over the session is the mounted directory. Documents the docker-socket tradeoff and the read-only / no-socket hardened variants. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>	2026-06-03 13:35:47 +02:00
..
docker-mailserver	feat(broker): allowlist-gated command broker mode	2026-06-02 19:32:57 +02:00
docker-mailserver-vps	feat(examples): docker-mailserver "fake VPS" scoped to one directory	2026-06-03 13:35:47 +02:00

Fabian @ Blax Software 964bb394db feat(examples): docker-mailserver "fake VPS" scoped to one directory

A disposable jail container that bind-mounts only one directory; the
bastion's FORCE_COMMAND drops every SSH session into an interactive shell
inside it. The jail's own root fs is throwaway image data, so the only host
data reachable over the session is the mounted directory. Documents the
docker-socket tradeoff and the read-only / no-socket hardened variants.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

2026-06-03 13:35:47 +02:00

docker-mailserver

feat(broker): allowlist-gated command broker mode

2026-06-02 19:32:57 +02:00

docker-mailserver-vps

feat(examples): docker-mailserver "fake VPS" scoped to one directory

2026-06-03 13:35:47 +02:00