Monday, August 19 • 10:50am - 11:30am
Making Containers Safer - Stéphane Graber & Christian Brauner, Canonical Ltd.*

Sign up or log in to save this to your schedule and see who's attending!

Containers are used for a multitude of workloads everywhere today. But not all containers are actually created in a way that we can be sure that they are safe to use. In fact, CVE-2019-5736 has shown that most containers are not.

In this talk we will thus take a close look at what is required to make containers safe.
The first part of this presentation we will go over the main type of containers out there, look at what security features they are using and what their security model is.

In the second part we will be focusing on new features, covering recent kernel developments to make unprivileged containers safe and at the same time more usable.

In the last part we will take a look at what we consider remaining challenges to make containers safe.


Christian Brauner

Kernel engineer - LXD, Canonical Ltd.
Christian Brauner is a kernel and core developer and maintainer of the LXD and LXC projects. He works mostly upstream on the Linux Kernel and lower-level problems. He is strongly committed to working in the open, and a strong proponent of Free Software. Christian has been active in... Read More →
avatar for Stéphane Graber

Stéphane Graber

Technical Lead, Canonical Ltd.
Stéphane Graber is the engineering manager for the LXD team at Canonical Ltd. He is the upstream project leader for LXC and LXD and a frequent speaker and track leader at events related to containers and Linux. Stéphane is also a longtime contributor to the Ubuntu Linux distribution... Read More →

Monday August 19, 2019 10:50am - 11:30am
Sapphire D
  • Session Slides Included Yes