Avoid Using Lazy, Privileged Docker Containers
Running your container in privileged mode opens up a world of pain if your container is abused. Not only can code within your container directly access your host's resources with impunity (a little like enabling the omnipotent CAP_SYS_ADMIN capability), but you're also relinquishing the cgroups resource limitations which were added to the kernel as a level of protection.
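The following Python audit is an added example, not code from the article: it takes JSON shaped like `docker inspect` output and flags containers that run privileged, add CAP_SYS_ADMIN, or have no memory or PID limit set. The sample containers and the finding labels are constructed for illustration.

```python
import json

# Constructed sample shaped like `docker inspect` output (not from the article).
SAMPLE_INSPECT = json.loads("""
[
  {"Name": "/web", "HostConfig": {"Privileged": false, "CapAdd": null,
                                   "Memory": 268435456, "PidsLimit": 100}},
  {"Name": "/builder", "HostConfig": {"Privileged": true, "CapAdd": null,
                                       "Memory": 0, "PidsLimit": null}},
  {"Name": "/mounter", "HostConfig": {"Privileged": false,
                                       "CapAdd": ["CAP_SYS_ADMIN"],
                                       "Memory": 0, "PidsLimit": 0}}
]
""")


def normalize_cap(cap):
    """Capability names may appear with or without the CAP_ prefix."""
    cap = cap.upper()
    return cap[4:] if cap.startswith("CAP_") else cap


def audit(containers):
    """Return {container name: [findings]} for risky HostConfig settings."""
    report = {}
    for container in containers:
        hc = container.get("HostConfig") or {}
        findings = []
        if hc.get("Privileged"):
            findings.append("privileged")
        caps = {normalize_cap(cap) for cap in (hc.get("CapAdd") or [])}
        if caps & {"SYS_ADMIN", "ALL"}:
            findings.append("cap_sys_admin")
        # Memory == 0 means no memory cgroup limit was requested.
        if not hc.get("Memory"):
            findings.append("no_memory_limit")
        # PidsLimit of null, 0 or -1 means unlimited.
        if (hc.get("PidsLimit") or 0) <= 0:
            findings.append("no_pids_limit")
        if findings:
            report[container.get("Name", "?").lstrip("/")] = findings
    return report


if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT).items():
        print(f"{name}: {', '.join(findings)}")
```

On a real host, replace the sample with the parsed JSON that `docker inspect` prints for the running containers.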