Explore the concept of rootless containers in this insightful conference talk by Liz Rice from Aqua Security. Dive into the intricacies of running containers without root privileges, understanding namespaces, and implementing user ID mapping. Learn about the Go username spaces, the process of changing the root of a container, and the role of the proc filesystem in containerization. Gain valuable knowledge on enhancing container security and reducing potential vulnerabilities in your containerized applications.
Overview
Syllabus
Introduction
Running as root
namespaces
Go
Username Spaces
Mapping User IDs
Changing the root of the container
proc
Taught by
Linux Foundation
Tags
Related Courses
-
Containers From Scratch
-
Isolate the Users! Supporting User Namespaces in K8s for Increased Security
-
What Have Namespaces Done for You Lately? - Writing Containers from Scratch
-
runC: The Little Engine That Could Run Docker Containers - Black Belt Track
-
State of the User Namespace - Privileged Containers and Security Implications
-
Send in the Chown - Systemd Containers in User Namespaces
