Making Containers Safer - Security Features and New Developments
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore container security in this 45-minute conference talk by Stéphane Graber and Christian Brauner from Canonical Ltd. Delve into the various types of containers, their security features, and security models. Examine recent kernel developments aimed at enhancing the safety and usability of unprivileged containers. Learn about crucial security features such as namespaces, Seccomp, and Linux Security Modules. Discover new features like Secum, MakeNot, Extended Cisco Filtering, and Stacking Idea. Gain insights into remaining challenges in container security and potential solutions, including the Mount API, keyring namespacing, and file descriptors. Understand the implications of CVE-2019-5736 and how it exposed vulnerabilities in most containers.
Syllabus
Introduction
Terminology
Previous Containers
Bad CVS
Security features
Namespaces
Seccomp
Linux Security Summit
New features
Secum
MakeNot
Extended Cisco Filtering
Stacking
Idea
Mount API
keyring namespacing
file descriptors
Taught by
Linux Foundation
Tags
Related Courses
Scenario Based LXD/LXC SecurityA Cloud Guru Scenario Based Docker Security
A Cloud Guru Using Seccomp to Limit the Kernel Attack Surface
Linux Foundation via YouTube Trace Me if You Can - Bypassing Linux Syscall Tracing
Black Hat via YouTube Sandboxing Based on SECCOMP for Linux Kernel
Ekoparty Security Conference via YouTube