| San Francisco

Checking your --privileged container | BSidesSF 2020 | with Sam "Frenchie" Stewart

  • Container security
Play

Docker provides a convenient privileged flag to create “privileged containers” but what does it actually do? In this talk, we will explain the internals of how docker provides isolation, and what happens when these security features are disabled. Spoiler alert: trivial container escapes.