Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Linux Foundation

Restricted Address Spaces for Container Security

Linux Foundation via YouTube

Overview

Explore container security through restricted address spaces in this 30-minute conference talk by IBM experts Mike Rapoport and James Bottomley. Delve into topics such as container images, hardware resolution, vulnerability, and parent namespaces. Examine network namespaces, unmapped management, and related use cases. Gain insights into kernel page tables, direct mapping, and benchmarks. Investigate cache considerations, GFP and Lab exclusives, metadata, and the networking stack. Conclude with testing methodologies and key takeaways for enhancing container security through address space restrictions.

Syllabus

Introduction
Container images
Container hardware resolution
Container vulnerability
Parent namespace
Network namespace
Unmapped
Management
Related Use Cases
Kernel Page Tables
Direct Map
Benchmarks
Cache
GFP Exclusive
Lab Exclusive
Metadata
Networking Stack
Conclusion
Testing

Taught by

Linux Foundation

Reviews

Start your review of Restricted Address Spaces for Container Security

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.