container_security_book

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
container_security_book [2020/01/04 10:23] – [Observations] rpjdaycontainer_security_book [2020/01/18 21:45] (current) – [CHECK OUT] rpjday
Line 6: Line 6:
  
   * Is there a market for a book on underlying container technology?   * Is there a market for a book on underlying container technology?
-  * Works with context outside of Docker?+  * Works with context outside of Docker? podman? cgroups v2? 
 +  * "system containers" such as LXC and LXD? 
 +  * technologies: 
 +    * cgroups 
 +    * namespaces 
 +    * chroot 
 +  * scanning images 
 +  * rootfull versus rootless images 
 +  * too much setuid stuff, need to assume a lot of that 
 +  * emphasize ephemeral images 
 + 
 +===== CHECK OUT ===== 
 + 
 +  * "sidecar" containers 
 +  * Docker daemon needs to run as root, podman has no daemon 
 +  * "runc" and JSON bundle
  • container_security_book.1578133409.txt.gz
  • Last modified: 2020/01/04 10:23
  • by rpjday