Hacker News new | past | comments | ask | show | jobs | submit login

Tunneling still binds a localhost port to your database, so it'd still be vulnerable to this attack even though it's running a container or VM.



No, it doesn't. If you are running Vagrant in a bridging config, it has it's own separate IP on the network. If you are running it as a private network, it has it's own IP on a private subnet isolated to the host machine. You have to explicitly do port forwarding to make it work as you describe.

EDIT: I'm not thinking straight. Please ignore me.


> You have to explicitly do port forwarding

> Tunneling

Yes, that is what GP was describing.


Sorry. You are correct, sir.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: