Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Linux Foundation

Making Containers Safer - Security Features and New Developments

Linux Foundation via YouTube

Overview

Explore container security in this 45-minute conference talk by Stéphane Graber and Christian Brauner from Canonical Ltd. Delve into the various types of containers, their security features, and security models. Examine recent kernel developments aimed at enhancing the safety and usability of unprivileged containers. Learn about crucial security features such as namespaces, Seccomp, and Linux Security Modules. Discover new features like Secum, MakeNot, Extended Cisco Filtering, and Stacking Idea. Gain insights into remaining challenges in container security and potential solutions, including the Mount API, keyring namespacing, and file descriptors. Understand the implications of CVE-2019-5736 and how it exposed vulnerabilities in most containers.

Syllabus

Introduction
Terminology
Previous Containers
Bad CVS
Security features
Namespaces
Seccomp
Linux Security Summit
New features
Secum
MakeNot
Extended Cisco Filtering
Stacking
Idea
Mount API
keyring namespacing
file descriptors

Taught by

Linux Foundation

Reviews

Start your review of Making Containers Safer - Security Features and New Developments

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.