Explore the intricacies of container security and the challenges of providing root shells to strangers on the internet in this 48-minute conference talk by Stephane Graber from Canonical Ltd. Delve into the world of LXD (Linux Containers) and learn about the security requirements, networking considerations, and privilege management involved in running such a service. Discover how kernel bugs and security updates impact container environments, and understand the tradeoffs made to balance functionality and safety. Gain insights into running your own search service and the lessons learned from five years of operating this unique platform. Conclude with a Q&A session to address specific concerns and curiosities about container security and management.
5 Years of Providing Root Shells - Security Challenges in Container Services
Overview
Syllabus
Introduction
What does Lexi do
Container Security
Requirements
Networking
Privileges
Kernel Bugs
Security Updates
Tradeoffs
Running your own search service
Conclusion
Questions
Taught by
Linux Foundation
Tags
Related Courses
-
Deploy and manage compute resources for Azure administrators
-
Restricted Address Spaces for Container Security
-
Making Containers Safer - Security Features and New Developments
-
The Container Security Checklist - CNCF
-
Making Unprivileged Containers More Usable
-
Improving Container Security with System Call Interception
