Summary: This is a summary of an article originally published by the source.
Secure Computing Mode, also known as Seccomp, is a Linux kernel feature that helps you run Docker in a more secure environment. It works like a sandbox: it acts as a firewall for syscalls and lets you restrict the actions that processes inside Docker containers can perform against the host's Linux kernel. In this guide, you will learn how to run a container with and without the Seccomp profile.
There are a couple of ways to run a Docker container with a Seccomp profile: you can run the container with the default profile through the command line, specify a custom profile in .json format, or specify your Seccomp profile in the daemon configuration file.
If, for some reason, you wish to run a container without a Seccomp profile, you can override the default by using the --security-opt flag with the unconfined value. When you check whether your Docker container runs without a Seccomp profile, you will see Seccomp: 0, which means the container is running without the default Seccomp profile.
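The check described above, written out as an added example (not code from the original article): it decodes the `Seccomp:` field of a `/proc/<pid>/status` file and goes slightly beyond the text by also naming the kernel's other two values, 1 (strict) and 2 (filter, meaning a profile is applied). The function names and the sample status text are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: decode the "Seccomp:" line of a /proc/<pid>/status file.
# Kernel values: 0 = disabled, 1 = strict, 2 = filter (a profile is loaded).

# usage: seccomp_mode STATUS_FILE  -> prints disabled|strict|filter|unknown
seccomp_mode() {
    sm_value=$(awk '$1 == "Seccomp:" { print $2; exit }' "$1" 2>/dev/null)
    case "$sm_value" in
        0) echo "disabled" ;;
        1) echo "strict" ;;
        2) echo "filter" ;;
        *) echo "unknown"; return 2 ;;   # missing file or missing field
    esac
}

# usage: is_confined STATUS_FILE  -> exit 0 only if seccomp is active
is_confined() {
    case "$(seccomp_mode "$1")" in
        strict|filter) return 0 ;;
        *) return 1 ;;                   # disabled or unknown: treat as unconfined
    esac
}

# usage: container_seccomp_mode NAME_OR_ID
# Looks up the container's init PID on the host and reads its status file.
# Needs the docker CLI and read access to /proc on the Docker host.
container_seccomp_mode() {
    csm_pid=$(docker inspect --format '{{.State.Pid}}' "$1") || return 2
    seccomp_mode "/proc/${csm_pid}/status"
}

# usage: sample_status VALUE  -> prints a constructed status excerpt
sample_status() {
    printf 'Name:\tsh\nState:\tS (sleeping)\nNoNewPrivs:\t0\nSeccomp:\t%s\n' "$1"
}
```

A container started with the default profile reports `filter`; one started with the unconfined override reports `disabled`, which is the `Seccomp: 0` case the text describes.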