Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ===== Overview ===== General observations ... ===== Observations ===== * Is there a market for a book on underlying container technology? * Works with context outside of Docker? podman? cgroups v2? * "system containers" such as LXC and LXD? * technologies: * cgroups * namespaces * chroot * scanning images * rootfull versus rootless images * too much setuid stuff, need to assume a lot of that * emphasize ephemeral images ===== CHECK OUT ===== * "sidecar" containers * Docker daemon needs to run as root, podman has no daemon * "runc" and JSON bundle container_security_book.txt Last modified: 2020/01/18 21:45by rpjday