Why are the unsafe challenges in OWASP Juice Shop a security risk in containerized environments?

Çağlar Arlı

OWASP Juice Shop is a popular tool for web security training, demos and learning. I am using the provided Docker container and hosting it on a dedicated computer. However, there are certain challenges that are disabled in containerized environments (like Docker or Heroku) by default. This especially includes challenges that involve remote code execution or arbitrary file writes. There is a note on their webpage about this. However, it's not very specific, only citing safety reasons and that such challenges cannot be sandboxed in a 100% secure way.

My question is: Why? OWASP Juice Shop is already being hosted in a containerized and thus mostly isolated environment. A properly configured container (e.g. launched with the suggested command sudo docker run -d -p 3000:3000 bkimminich/juice-shop) should not provide any relevant access to the host system, except for publishing the port publicly. Was this decision taken out of an abundance of caution regarding possible container breakout vulnerabilities in Docker or the kernel? Or is there a more practical risk involving this that I'm missing?