Back To Schedule
Monday, August 19 • 10:50am - 11:30am
Making Containers Safer - Stéphane Graber & Christian Brauner, Canonical Ltd.*

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Containers are used for a multitude of workloads everywhere today. But not all containers are actually created in a way that we can be sure that they are safe to use. In fact, CVE-2019-5736 has shown that most containers are not.

In this talk we will thus take a close look at what is required to make containers safe.
The first part of this presentation we will go over the main type of containers out there, look at what security features they are using and what their security model is.

In the second part we will be focusing on new features, covering recent kernel developments to make unprivileged containers safe and at the same time more usable.

In the last part we will take a look at what we consider remaining challenges to make containers safe.


Christian Brauner

Senior Software Engineer, Canonical Ltd.
Christian Brauner is a kernel developer and maintainer of the LXD and LXC projects currently working at Canonical. He works mostly upstream on the Linux Kernel maintaining various bits and pieces. He is strongly committed to working in the open, and an avid proponent of Free Software... Read More →
avatar for Stephane Graber

Stephane Graber

Project leader for LXD, Canonical Ltd.
Stéphane Graber is the upstream project leader for LXC and LXD at Canonical and a frequent speaker and track leader at events related to containers and Linux. Stéphane is a longtime contributor to the Ubuntu Linux distribution as an Ubuntu core developer and previous Ubuntu technical... Read More →

Monday August 19, 2019 10:50am - 11:30am PDT
Sapphire D
  Refereed Presentation
  • Session Slides Included Yes