Filters








1 Hit in 1.7 sec

BPFContain: Fixing the Soft Underbelly of Container Security [article]

William Findlay, David Barrera, Anil Somayaji
2021 arXiv   pre-print
BPFContain combines a simple yet flexible policy language with an eBPF-based implementation that allows for deployment on virtually any Linux system running a recent kernel.  ...  Here we present BPFContain, a new container confinement mechanism designed to integrate with existing container management systems.  ...  [13] introduced bpfbox as the first full process confinement mechanism using these eBPF LSM hooks.  ... 
arXiv:2102.06972v1 fatcat:qyphvepuczfndixpqqywcpuhcu