Checking your --privileged container

Presented at BSidesSF 2021 Virtual, March 9, 2021, 1:05 p.m. (25 minutes)

Streaming at [https://youtu.be/wa_T8vAv9kg](https://youtu.be/wa_T8vAv9kg)

Join us at [r/BSidesSF](https://reddit.com/r/BSidesSF) on Reddit for live AMA-style Q&A (2020)

Docker provides a convenient --privileged flag to create "privileged containers", but what does it actually do? In this talk, we will explain the internals of how Docker provides isolation, and what happens when these security features are disabled. Spoiler alert: trivial container escapes.

Presenters:

  • Sam "Frenchie" Stewart
    Frenchie is far too biased to answer this question, and instead chooses to break the 4th wall. Originally from Batmania, live[d|s] in San Secuestro, now in Middle Earth. Currently Infrastructure Security @ Brex. Previously, Infrastructure Security Engineering Manager at Cruise. Shipped https://github.com/cruise-automation/k-rail
  • Maya Kaczorowski
    Maya is a Product Manager at GitHub in software supply chain security. She was previously in Security & Privacy at Google, focused on container security, and encryption at rest and encryption key management. Prior to Google, she was an Engagement Manager at McKinsey & Company, working in IT security for large enterprises. She completed her Master's in mathematics focusing on cryptography and game theory. Outside of work, Maya is passionate about ice cream, puzzling, running, and reading nonfiction.
