Overview
Dive deep into user namespaces, a crucial technology for application isolation and sandboxing, in this 54-minute conference talk. Explore the fundamentals of user namespaces, their role in running containers without root privileges, and their application in sandboxing web browser plug-ins. Gain insights into the capabilities and limitations of being a "superuser inside a user namespace," and understand the intricate relationships between user namespaces and other namespace types such as PID, UTS, and network. Examine the security implications of user namespaces and learn simple shell commands for creating and experimenting with them. Benefit from live demonstrations that illustrate key concepts. While prior attendance of the "Linux namespaces" presentation is helpful, it is not mandatory for understanding this in-depth exploration of user namespaces.
Syllabus
Containers unplugged: understanding user namespaces - Michael Kerrisk
Taught by
NDC Conferences