BSidesSF 2020: Checking your --privileged container

Checking your --privileged container

Feedback form is now closed.

Docker provides a convenient --privileged flag to create "privileged containers" but what does it actually do? In this talk, we will explain the internals of how docker provides isolation, and what happens when these security features are disabled. Spoiler alert: trivial container escapes.

Speakers

Sam "Frenchie" Stewart

Cruise

Frenchie is far too biased to answer this question, and instead chooses to break the 4th wall. Originally from Batmania. Currently, he is part of the :robot: :car: Skynet prevention squad where he improvises the role of Infrastructure Security Engineering Manager at Cruise.

Maya Kaczorowski

Product Manager, Software Supply Chain Security, GitHub

Maya is a Product Manager for Software Supply Chain Security at GitHub. She was previously at Google, focused on container security, and encryption at rest and encryption key management. Prior to Google, she was at McKinsey & Company, and before that, completed her Master\'s in mathematics... Read More →

BSidesSF Checking your privileged container 2020:02:23 pdf

Sunday February 23, 2020 11:05am - 11:30am
Theater 16 (IMAX) AMC at Metreon

Talk

BSidesSF 2020

Sam "Frenchie" Stewart

Maya Kaczorowski

Attendees (113)

Recently Active Attendees

Twitter Feed

BSidesSF 2020

Sign up or log in to save this to your schedule and see who's attending!

Sam "Frenchie" Stewart

Maya Kaczorowski

Attendees (113)

Recently Active Attendees

Twitter Feed