BSidesSF 2020 | Checking your —privileged container with Sam “Frenchie” Stewart

Docker provides a convenient privileged flag to create “privileged containers” but what does it actually do? In this talk, we will explain the internals of how docker provides isolation, and what happens when these security features are disabled. Spoiler alert: trivial container escapes.