Is building a 3rd party Docker image insecure?

Assuming:

• A 3rd party provides a Dockerfile that I do not review
• I build the Docker image (docker build or similar) on my infrastructure
• the build has a time limit (e.g. max 5 minutes)

Is this insecure for my infrastructure/machine?

If so, why?

For more context, this is like a CI system where I build customer's Docker images on my infrastructure.

You are giving arbitrary code access to write to disk, use memory, use up to 5 minutes of CPU time, access the network, and access the same kernel running everything else on the host. There are various attacks I could think of:

1. An attacker could potentially use the network access to pivot to other internal resources, or spawn lots of builds to DoS external users.
2. They could potentially use network access for sending spam.
3. They could trigger a denial of service on the host by exhausting the resources (filling the disk or using all of the memory).
4. They could launch a fork bomb to exhaust the kernel of resources and make the host inaccessible/crash.
5. If an exploit is found in the kernel, container runtime, or build tooling, that exploit could potentially give them access to access the host directly.