February 1, 2020

170 words 1 min read

In-and-out - Security of Copying to and from Live Containers

In-and-out - Security of Copying to and from Live Containers

Nowadays mature container platforms (such as Docker, Kubernetes and LXD) provide users a way to extract files from a running container. There are several different design approaches for implementing s …

Talk Title In-and-out - Security of Copying to and from Live Containers
Speakers Ariel Zelivansky (Security Research Team Lead, Palo Alto Networks), Yuval Avrahami (Security Researcher, Palo Alto Networks)
Conference Open Source Summit + ELC Europe
Conf Tag
Location Lyon, France
Date Oct 27-Nov 1, 2019
URL Talk Page
Slides Talk Slides
Video

Nowadays mature container platforms (such as Docker, Kubernetes and LXD) provide users a way to extract files from a running container. There are several different design approaches for implementing such a copy feature. In this talk, Yuval and Ariel will present the ups and downs of the different implementations with a focus on security and possible vulnerabilities.Throughout the presentation, different vulnerabilities that affected the major container engines will be reviewed. A live proof of concept of a vulnerability in the Docker copy comman will be presented.

comments powered by Disqus