all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Container security fundamentals part 3: Capabilities

Add to bookmarks
April 17, 2023, midnight |

Datadog Security Labs securitylabs.datadoghq.com

In the previous part of this series, we mentioned that Docker containers don’t yet make use of the time namespace. We also explored how containers run as the root user in many cases. With those two points in mind, what would happen if we tried to change the date and time inside of a container?


To test this out, we’ll start a new container with docker run -it ubuntu:22.04 /bin/bash. Then we'll try changing the time with date +%T -s …

bash capabilities cases change container containers container security docker don fundamentals namespace response root run security series start test ubuntu

Visit resource

More from securitylabs.datadoghq.com / Datadog Security Labs

A guide to threat hunting and monitoring in Snowflake 2 days, 23 hours ago | securitylabs.datadoghq.com
customers emerging emerging threat environment +7
Non-Production Endpoints as an Attack Surface in AWS 1 week, 5 days ago | securitylabs.datadoghq.com
api api endpoints attack attack surface +13
Malicious PyPI packages targeting highly specific MacOS machines 2 weeks, 3 days ago | securitylabs.datadoghq.com
cluster machines macos malicious +5
Amplified exposure: How AWS flaws made Amplify IAM roles vulnerable to takeover 1 month, 3 weeks ago | securitylabs.datadoghq.com
amplify aws disclosure exposed +11
The XZ Utils backdoor (CVE-2024-3094): Everything you need to know, and more 2 months ago | securitylabs.datadoghq.com
ages backdoor backdoors cve +9
A threat-informed roadmap for securing Kubernetes clusters (KubeCon EU 2024) 2 months, 2 weeks ago | securitylabs.datadoghq.com
attacks clusters controls kubecon +8
Tales from the cloud trenches: Using malicious AWS activity to spot phishing campaigns 2 months, 3 weeks ago | securitylabs.datadoghq.com
aws campaign campaigns cloud +5
Kubernetes security fundamentals: Authentication 3 months, 4 weeks ago | securitylabs.datadoghq.com
authentication fundamentals kubernetes kubernetes security +1
An analysis of a TeamTNT doppelgänger 4 months, 1 week ago | securitylabs.datadoghq.com
analysis api api endpoints backdoors +7

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel
View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States
View on infosec-jobs.com