Docker Breakout – Linux Privilege Escalation
Introduction to Docker Container Breakouts | Redfox Security
Evolving Container Security With Linux User Namespaces | by Netflix Technology Blog | Netflix TechBlog
Why am I able to bind a privileged port in my container without the NET_BIND_SERVICE capability? | by Olivier Gaumond | Medium
OWASP-K8S Security: Insecure Workload Configurations | by Zeyad Abulaban | System Weakness
Capabilities - Attacking and Auditing Docker Containers and Kubernetes Clusters
Bringing new security features to Docker | Opensource.com
Easy mitigation for container escape / CVE-2022-0185 Linux kernel vulnerability - Bridgecrew Blog
Accuracy w/r/t https://github.com/docker/labs/tree/master/security/capabilities · Issue #469 · docker/labs · GitHub
Confining Resources inside Docker Containers with AppArmor
XetHub | Streamline distributed ML training with Docker filesystem mounts
Towards unprivileged container builds | Kinvolk
Linux Container Basics: Capabilities - SCHUTZWERK
Introduction to Docker Container Breakouts | Redfox Security
7 Docker security vulnerabilities and threats – Sysdig
Avoid Using Lazy, Privileged Docker Containers - Linux.com
Docker Breakout – Linux Privilege Escalation
Accuracy w/r/t https://github.com/docker/labs/tree/master/security/capabilities · Issue #469 · docker/labs · GitHub
DockerCon2017_performance_analysis.pdf
Profiling application running on 2 different docker containers using Intel® VTune™ Profiler - Stack Overflow
Container Escape: All You Need is Cap (Capabilities)
Towards unprivileged container builds | Kinvolk
Container breakout: CAP_SYS_ADMIN via Creating a cgroup and using unshare utility | by n00🔑 | Medium
Post | Dreamlab Technologies
Confining Resources inside Docker Containers with AppArmor
