This article from opensource.com is based on a talk I gave at DockerCon this year. It will discuss Docker container security, where we are currently, and where we are headed. Containers do not contain I hear and read about a lot of people assuming that Docker containers actually sandbox applications—meaning they can run random applications on their system as root with Docker. They believe Docker containers will actually protect their host system. I have heard people say Docker containers are...
UPDATE: Read the new article " How to run systemd in a container " for the latest information. I have been working on Docker for the last few months, mainly getting SELinux added to help CONTAIN Containers. libvirt-sandbox – virt-sandbox-service For the last couple of years I was working on a different container technology using libvirt-lxc, in addition to my regular SELinux job. I built the virt-sandbox-service tool which would carve up your host system into a bunch of service...
Dan Walsh writing a blog outside of DanWalsh.livejournal.com??? What is the world coming to? I was asked by Red Hat to start writing occasional articles for developers, so here it is. Writing SELinux Policy – A black art. I often find it comical that people think that writing SELinux policy is difficult. They imagine that the people doing it are GURU’s, The truth is, it is rather easy. Although, don’t tell my bosses that! There are some things that are...
Article
