Navigation
Search
|
[$] System call interception for unprivileged containers
Thursday June 30, 2022. 12:42 AM , from LWN.net
On the first day of the 2022 Linux
Security Summit North America (LSSNA) in Austin, Texas, Stéphane Graber and Christian Brauner gave a presentation on using system-call interception for container security purposes. The idea is to allow unprivileged containers, those without elevated privileges on the host, to still accomplish their tasks, some of which require privileges. A fair amount of work has been done to make this viable, but there is still more to do.
https://lwn.net/Articles/899281/
|
25 sources
Current Date
Mar, Thu 28 - 12:07 CET
|