container_security_book

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
container_security_book [2020/01/04 10:26] – [Observations] rpjdaycontainer_security_book [2020/01/18 21:45] (current) – [CHECK OUT] rpjday
Line 6: Line 6:
  
   * Is there a market for a book on underlying container technology?   * Is there a market for a book on underlying container technology?
-  * Works with context outside of Docker? podman?+  * Works with context outside of Docker? podman? cgroups v2?
   * "system containers" such as LXC and LXD?   * "system containers" such as LXC and LXD?
 +  * technologies:
 +    * cgroups
 +    * namespaces
 +    * chroot
 +  * scanning images
 +  * rootfull versus rootless images
 +  * too much setuid stuff, need to assume a lot of that
 +  * emphasize ephemeral images
 +
 +===== CHECK OUT =====
 +
 +  * "sidecar" containers
 +  * Docker daemon needs to run as root, podman has no daemon
 +  * "runc" and JSON bundle
  • container_security_book.1578133561.txt.gz
  • Last modified: 2020/01/04 10:26
  • by rpjday