Adam Sampson's container bookmarks

PRoot — chroot, mount --bind, and binfmt_misc without privilege/setup edit / delete

"PRoot is a user-space implementation of chroot, mount --bind, and binfmt_misc." Done on top of ptrace and qemu-user, which implies that it'll have the usual limitations of those.

to chroot container emulation namespace ptrace qemu ... on 22 March 2015

System Hardening - The Chromium Projects edit / delete

A nice overview of all the application hardening facilities used on ChromiumOS.

to chromium container hardening linux sandbox security ... on 22 July 2014

Rami Rosen edit / delete

Some good presentations on Linux container facilities. (Horrid Javascript-based site, though.)

to container linux programming sandbox security ... on 11 July 2014

google/lmctfy edit / delete

"lmctfy is the open source version of Google’s container stack, which provides Linux application containers."

to cgroup container linux software ... on 01 December 2013

	- container

1	+ cgroup
1	+ chromium
1	+ chroot
1	+ emulation
1	+ hardening
3	+ linux
1	+ namespace
1	+ programming
1	+ ptrace
1	+ qemu
2	+ sandbox
2	+ security
1	+ software

Tasty » Adam Sampson's container bookmarks

Tags related to container