compose: core: remove /dev:/dev binding

Binding the host's devtmpfs inside a container, especially in combination with `privileged: true` has a high likelyhood of tampering with host device permissions and nodes. Remove it. Change-type: patch Signed-off-by: Joseph Kogut <[email protected]>
balena-os · Jan 31, 2024 · b55c71f · b55c71f
1 parent 4b8749e
commit b55c71f
Showing 1 changed file with 0 additions and 2 deletions.
diff --git a/docker-compose.client.yml b/docker-compose.client.yml
@@ -38,8 +38,6 @@ services:
       - /var/run # use tmpfs docker-in-docker pid files
       - /var/lib/docker # use tmpfs for docker-in-docker data root
     restart: 'no'
-    devices:
-      - /dev:/dev # required for creating losetup devices during preload
 
 volumes:
   core-storage: