Sign up to save your podcasts
Or
Share Problematic Privileges
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Problematic Privileges
Wes takes a quick look at a container escape proof-of-concept and reviews Docker security best practices.
Links:
- Understanding Docker container escapes | Trail of Bits Blog — Linux cgroups are one of the mechanisms by which Docker isolates containers. The PoC abuses the functionality of the notify_on_release.
- Felix Wilhelm on Twitter — Quick and dirty way to get out of a privileged k8s pod or docker container by using cgroups release_agent feature.
View all episodes
By Jupiter Broadcasting
4.9
112112 ratings
Wes takes a quick look at a container escape proof-of-concept and reviews Docker security best practices.
Links:
- Understanding Docker container escapes | Trail of Bits Blog — Linux cgroups are one of the mechanisms by which Docker isolates containers. The PoC abuses the functionality of the notify_on_release.
- Felix Wilhelm on Twitter — Quick and dirty way to get out of a privileged k8s pod or docker container by using cgroups release_agent feature.