Understanding user namespaces

Understanding user namespaces - Michael Kerrisk

Рет қаралды 5,364

5 жыл бұрын

User namespaces are at the heart of many interesting technologies that allow isolation and sandboxing of applications, for example running containers without root privileges and sandboxes for web browser plug-ins. In this tutorial, we'll look in detail at user namespaces, building up a basic understanding of what a user namespace is and going on to questions such as: what does being “superuser inside a user namespace” allow you do (and what does it not allow); what is the relationship between user namespaces and other namespace types (PID, UTS, network, etc.); and what are the security implications of user namespaces? We'll also explore some simple shell commands that can be used for creating and experimenting with user namespaces in order to better understand how they work. Along the way, there will hopefully be time for a few live demos.
---
Michael Kerrisk is the author of the acclaimed book, “The Linux Programming Interface” (man7.org/tlpi/), a guide and reference for system programming on Linux and UNIX. He contributes to the Linux kernel primarily via documentation, review, and testing of new kernel-user-space interfaces. He has contributed to the Linux man-pages project (www.kernel.org/doc/man-pages/) since 2000, and been the project maintainer since 2004. Michael is a trainer and consultant, living in Munich, Germany.
foss-north.se/2019/speakers-a...

Пікірлер: 7

@kovacs-andras Жыл бұрын

Great presentation! I wish I would saw it earlier. Thanks!

@MomoMRG 5 жыл бұрын

Awesome informative video! Thanks so much!

@TheDiveO 4 жыл бұрын

Michael does an amazing job of presenting this slightly involved topic, many thanks to him for his presentation. Sadly, the conference technicians messed up by not directly recording the presenter laptop video and composing it with the stage view. The result is that the slides are hard to read, more so as these technicians had no better than uploading 720p HD instead of 1080p FullHD. Unfortunately, I don't see any slide link.

@JohanThelin 4 жыл бұрын

Hi! We're trying to improve year to year, and next year we will have screen recorders in place. In the mean time, you can find the slides here: foss-north.se/2019/speakers-and-talks.html#mkerrisk .

@TheDiveO 4 жыл бұрын

@@JohanThelin thanks, that helped me to find the presentation slide link man7.org/conf/meetup/understanding-user-namespaces--Google-Munich-Kerrisk-2019-10-25.pdf

@g.v.raju6579 4 жыл бұрын

Thank you johan for uploading this video.

@jain007neeraj 3 жыл бұрын

@@TheDiveO Thanks for posting the slides link :)