Container security fundamentals part 3: Capabilities
Datadog Security Labs securitylabs.datadoghq.com
In the previous part of this series, we mentioned that Docker containers don’t yet make use of the time namespace. We also explored how containers run as the root user in many cases. With those two points in mind, what would happen if we tried to change the date and time inside of a container?
To test this out, we’ll start a new container with docker run -it ubuntu:22.04 /bin/bash. Then we'll try changing the time with date +%T …