Naked Container: A container run without the default AppArmor, default Seccomp, or SELinux. Naked Containers make me sad.
I see the value of LSMs and seccomp for hardening, but don't see why they're needed for a container that is safe as long as the kernel is
-
-
updating kernels right when an 0day comes out is super hard for large orgs which I'm sure you know so it's nice to have an extra layer
-
ah, I think I misinterpreted your initial tweet. sorry!
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.