seccomp - tbhaxor

seccomp

A collection of 3 posts

Prevent Privilege Escalation from Container Breakout via UserNS Remapping

Prevent Privilege Escalation from Container Breakout via UserNS Remapping

Hello World! In my previous posts, I have discussed a lot on how does a user with certain capabilities can escape the docker container and execute commands on the root of the host. The naive approach to fix this issue could be the combination of the following * Disable capabilities like

Basics of Seccomp for Docker

Basics of Seccomp for Docker

Seccomp is a kernel feature that allows you to filter syscalls for a specified process. In this article, you'll learn how to use strict and eBPF modes with your existing Docker configuration.

Breakout from the Seccomp Unconfined Container

Breakout from the Seccomp Unconfined Container

In this post, you'll discover how to exploit the CAP SYS MODULE capability in a privileged exec session to break out of a seccomp unconfined container that was launched with no extra rights or capabilities.