October 23-26, 2017 - Prague, Czech Republic
Tuesday, October 24 • 16:05 - 16:45
Why mount() is a Liability for Container Engines, and How They Address It - Tycho Andersen, Docker Inc

One of the most obvious features of containers to new users is that they provide isolated root filesystem environments. Container engines achieve this through careful manipulation of mount namespaces and mount sharing (propagation) flags. If one of these steps is handled incorrectly, attackers may be able to control the host. Further, even when mounts are configured correctly, operations such as binding or moving mounts, or simply creating a whole new instance of a virtual filesystem, can make host filesystem security harder to reason about. On top of that, malicious users could also exploit unknown bugs in filesystem block parsers.

While most container engines heavily lock down mount() by default, it is useful to understand *why* this is the case and what possible exploits look like. In this talk, I’ll cover basics of how a container’s rootfs is configured, as well as how mount flags interact with namespaces, and what container engines do about all this.
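The "mount sharing flags" the abstract refers to are the propagation settings (shared, slave, private, unbindable) that the kernel records per mount in `/proc/<pid>/mountinfo`. A mount left `shared` inside a container propagates new mounts back to the host's peer group, which is one of the misconfigurations an engine has to avoid. The parser below is an added example, not code from the talk or from any container engine; it reads the mountinfo format, classifies each mount's propagation from the optional fields, and lists the mounts that are shared. The sample input is constructed for the example, and the field layout follows the documented mountinfo format (mount ID, parent ID, major:minor, root, mount point, options, optional tagged fields, `-`, fstype, source, super options).

```python
"""Classify mount propagation from /proc/<pid>/mountinfo (added example)."""
import re
from dataclasses import dataclass, field

# Constructed sample in mountinfo format; not captured from a real host.
# The "\\040" on the last line shows the octal escape mountinfo uses for spaces.
SAMPLE_MOUNTINFO = """\
28 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw,errors=remount-ro
22 28 0:21 / /proc rw,nosuid,nodev,noexec,relatime shared:5 - proc proc rw
26 28 0:5 / /dev rw,nosuid,relatime shared:2 - devtmpfs udev rw,size=1M,mode=755
41 28 0:36 / /data rw,relatime - ext4 /dev/sdb1 rw
55 41 0:36 /sub /data/sub rw,relatime master:1 - ext4 /dev/sdb1 rw
60 28 0:37 / /unb rw,relatime unbindable - tmpfs tmpfs rw
70 28 0:38 / /mnt/my\\040disk rw,relatime shared:9 master:9 - ext4 /dev/sdc1 rw
"""

_OCTAL = re.compile(r"\\([0-7]{3})")


def _unescape(s: str) -> str:
    # mountinfo escapes space, tab, newline and backslash as \ooo (octal).
    return _OCTAL.sub(lambda m: chr(int(m.group(1), 8)), s)


@dataclass
class Mount:
    mount_id: int
    parent_id: int
    root: str
    mount_point: str
    fstype: str
    source: str
    optional: list = field(default_factory=list)  # tagged fields before "-"

    @property
    def propagation(self) -> str:
        # A mount can be both shared and a slave (shared:N master:M); the
        # shared side is what matters for leaking mounts to peers.
        tags = {f.split(":", 1)[0] for f in self.optional}
        if "shared" in tags:
            return "shared"
        if "master" in tags:
            return "slave"
        if "unbindable" in tags:
            return "unbindable"
        return "private"


def parse_mountinfo(text: str) -> list:
    """Parse mountinfo text into Mount records, one per non-empty line."""
    mounts = []
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = line.split()
        sep = fields.index("-")  # separator between optional fields and fstype
        mount_id, parent_id, _devno, root, mount_point, _opts = fields[:6]
        optional = fields[6:sep]
        fstype, source = fields[sep + 1], fields[sep + 2]
        mounts.append(Mount(int(mount_id), int(parent_id), _unescape(root),
                            _unescape(mount_point), fstype, _unescape(source),
                            optional))
    return mounts


def find_shared_mounts(text: str) -> list:
    """Mount points whose propagation is shared, in mountinfo order."""
    return [m.mount_point for m in parse_mountinfo(text) if m.propagation == "shared"]


if __name__ == "__main__":
    # On a real system: open("/proc/self/mountinfo").read() instead of the sample.
    for m in parse_mountinfo(SAMPLE_MOUNTINFO):
        print(f"{m.mount_point:<16} {m.fstype:<9} {m.propagation}")
    print("shared:", find_shared_mounts(SAMPLE_MOUNTINFO))
```

Run inside a container against `/proc/self/mountinfo`, an empty result from `find_shared_mounts` is what a correctly configured engine produces for its own mounts; `findmnt -o TARGET,PROPAGATION` reports the same classification from the host side.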
Tycho Andersen

Software Engineer, Docker, Inc
Tycho is an engineer at Docker working on LinuxKit, a toolkit for building container-focused host operating systems out of Linux. In his spare time he rides bikes and does improv comedy. Tycho has been fortunate to speak at a number of industry conferences including linux.conf.au...

Tuesday October 24, 2017 16:05 - 16:45 CEST
Karlin I