Back To Schedule
Tuesday, October 27 • 16:15 - 17:05
Rootless Containers from Scratch - Liz Rice, Aqua Security

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Containers have taken off as one of the foundational technologies that enabled cloud native application development and deployment. But despite their widespread adoption through Docker, Kubernetes and other tools, there has been a significant security risk: users have effectively needed root privileges in order to run containers on a host. Recently there have been significant advances to enable “rootless containers” - containers that can be run without requiring root privileges. This talk will use live-coding in Go to illustrate how rootless containers are created, exploring why root was originally required and what has changed to enable rootless operation. This talk assumes that you have some familiarity with how containers are built using namespaces, cgroups and chroot.

avatar for Liz Rice

Liz Rice

VP Open Source Engineering, Aqua Security
Liz Rice is VP Open Source Engineering with cloud native security specialists Aqua Security, looking after projects including Starboard, Trivy, Tracee, kube-hunter and kube-bench. She is chair of the CNCF's Technical Oversight Committee, and was Co-Chair of KubeCon + CloudNativeCon... Read More →

Tuesday October 27, 2020 16:15 - 17:05 GMT
Linux Systems Theater