Date post: | 16-Jul-2015 |
Category: |
Technology |
Upload: | gnosek |
View: | 125 times |
Download: | 1 times |
POST /v1.16/containers/0abe202395e4e61fc35f8f90e3432ad0f2fb3d3816a79c367ff716ecb57965dc/resize?h=24&w=107 HTTP/1.1
Host: /var/run/docker.sockUser-Agent: Docker-Client/1.4.0Content-Length: 0Content-Type: plain/text
"In the future, we expect new execution engine plugins to offer more choice and greater
granularity for our security-focused users."
„trusted” imageshttps://titanous.com/posts/docker-insecurity
remaining setuid bits
lxc-user-nic a couple netlink packets if you need a private net with CAP_NET_ADMIN !newuidmap a single write() newgidmap if you need multiple uids/gids