1 Hit in 1.6 sec

BPFContain: Fixing the Soft Underbelly of Container Security [article]

William Findlay, David Barrera, Anil Somayaji
2021 arXiv   pre-print
While containers separate namespaces and partition resources, the patchwork of mechanisms used to ensure separation cannot guarantee consistent security semantics.  ...  Here we present BPFContain, a new container confinement mechanism designed to integrate with existing container management systems.  ...  A processes map tracks the state of containerized processes and manages their associations with running containers.  ... 
arXiv:2102.06972v1 fatcat:qyphvepuczfndixpqqywcpuhcu