Naked Container: A container run without the default AppArmor, default Seccomp, or SELinux. Naked Containers make me sad.
-
-
I see the value of LSMs and seccomp for hardening, but don't see why they're needed for a container that is safe as long as the kernel is
-
updating kernels right when an 0day comes out is super hard for large orgs which I'm sure you know so it's nice to have an extra layer
- 2 more replies
New conversation -
-
-
well you wrote the book on that
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.