Right. First workshop of #srecon 2018 Americas - Containers from Scratch by @nukemberg and @nocoot. Here we go.
-
Show this thread
-
First lab/workshop I've done which is using http://strigo.io . This should be fun.
#SREcon1 reply 0 retweets 2 likesShow this thread -
Interesting. "Containers from scratch" means "start from fork() and exec(), and use syscalls to get to containerised binaries."
#SREcon1 reply 0 retweets 1 likeShow this thread -
Containers use: - Namespaces - CGroups - Copy-on-write (CoW) filesystems.
#SREcon1 reply 0 retweets 0 likesShow this thread -
"There is no such thing as a Linux container" - it's a composition of a bunch of different kernel features. Linux was not designed for this (c.f. Solaris, FreeBSD etc.)
2 replies 1 retweet 3 likesShow this thread -
So, what I've learned from level 1: Python os.execv (and, I assume, the underlying syscall) are stupid. Why does the list in the second argument include the path to the binary, which is the first argument you've already passed? Grr.
#SREcon5 replies 0 retweets 3 likesShow this thread
Because argv[0] being the name of the program is just a convention, and there are times you want to break it (e.g. when program selects its behavior based on name in argv[0] and you want to override).
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.