Loading…
June 26-27, 2024 | Seattle, WA
View More Details | Registration Information

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for CloudNativeSecurityCon North America 2024 to participate in these sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Pacific Daylight Time (PDT), UTC -7. To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

The schedule is subject to change.
← Back to schedule
User Namespaces in Kubernetes: Security and Flexibility - Pick Both - David Leadbeater, G-Research
Thursday June 27, 2024 2:45pm - 3:20pm PDT
445
Kubernetes has not made use of user namespaces, despite the fact that Linux has supported them for around 10 years. This is changing and in Kubernetes 1.30 user namespaces will become a beta feature. Users will begin to benefit from the increased security and flexibility they offer if they adopt several simple practices. This presentation will introduce the concepts, such as Linux namespaces, that make containers possible on Linux. It will explain what user namespaces are, and demonstrate how they can help mitigate a recently discovered vulnerability in the container ecosystem. Finally, it will demonstrate the flexibility of user namespaces through running Docker inside a container without using "privileged” mode, as some common "Docker-in-Docker" approaches do.
Speakers
avatar for David Leadbeater

David Leadbeater

Open Source Engineer, G-Research
David is a contributor to Prometheus and Kubernetes. He is a software engineer at G-Research, where he focuses on security and reliability of open source tools. He has a strong background in Site Reliability Engineering having worked as an SRE at Google before joining G-Research... Read More →
cns userns pdf
Thursday June 27, 2024 2:45pm - 3:20pm PDT
445
  Supply Chains + Containers + Application Security
Feedback form is now closed.

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Share Modal

Share this link via

Or copy link