In this talk, we will look at the problems associated with running Docker containers with privileged status and some solutions to how you can harden your Docker-based security. Check it out!

To understand the problem, we will take a quick look at how user and group isolation works in Unix and how this translates into a container. We will also look at how user namespaces work in Docker and how simple it is to build a non-root Docker container. In addition to all of this, we will look at some simple tools which can automatically detect these problems and notify you if they occur.

Takeaways:

• How users and groups work in Unix

• Security problems with running container processes as root

• Understanding of container namespaces and user mappings

• How to build a non-Root container

• Edge cases where Root containers may be required

YOU MAY ALSO LIKE:

• Introduction to Docker Fundamentals (in London on 25th - 26th September 2017)
• ContainerSched 2017 - The Conference on DevOps, Cloud, Containers and Schedulers (in London on 28th - 29th September 2017)
• Kubernetes: Master Application Deployment and Scaling with Daniele Polencic (in London on 27th - 28th November 2017)
• Advanced Docker for Enterprise Operations (in London on 18th - 19th December 2017)