Hacker News
by rtempaccount1 2255 days ago
Docker has a number of security layers that can make breakout more challenging, specifically dropped capabilities, a seccomp filter and (on Debian/Ubuntu) an AppArmor profile installed.

I wouldn't agree that it's trivially possible to break out of a default configured Docker container; not every attacker is packing a Linux Privesc 0-day and the knowledge to use it.
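An added example, not part of the comment above: a check that the three layers it names (dropped capabilities, seccomp filter, AppArmor profile) are actually in effect for a process, read from `/proc/<pid>/status` and `/proc/<pid>/attr/current`. The list of "risky" capabilities, the function name and the sample inputs are assumptions made for this example.

```python
"""Audit the three container hardening layers: capabilities, seccomp, AppArmor."""
import re

# Capabilities a hardened container should not hold (Linux capability bit numbers).
# Which ones count as "risky" is this example's assumption.
RISKY_CAPS = {2: "CAP_DAC_READ_SEARCH", 12: "CAP_NET_ADMIN", 16: "CAP_SYS_MODULE",
              17: "CAP_SYS_RAWIO", 19: "CAP_SYS_PTRACE", 21: "CAP_SYS_ADMIN"}
SECCOMP_MODES = {0: "disabled", 1: "strict", 2: "filter"}


def audit(status_text, apparmor_label):
    """Return a list of findings; an empty list means all three layers are active."""
    findings = []
    cap = re.search(r"^CapEff:\s*([0-9a-fA-F]+)$", status_text, re.M)
    sec = re.search(r"^Seccomp:\s*(\d+)$", status_text, re.M)
    if cap is None:
        findings.append("CapEff missing from status")
    else:
        mask = int(cap.group(1), 16)  # effective capability bitmask
        held = [name for bit, name in sorted(RISKY_CAPS.items()) if mask >> bit & 1]
        if held:
            findings.append("risky capabilities held: " + ", ".join(held))
    if sec is None:
        findings.append("Seccomp field missing from status")
    elif int(sec.group(1)) != 2:  # 2 = a seccomp-bpf filter is attached
        mode = SECCOMP_MODES.get(int(sec.group(1)), "unknown")
        findings.append("seccomp mode is " + mode)
    label = apparmor_label.strip()
    if not label or label == "unconfined":
        findings.append("no AppArmor profile applied")
    elif not label.endswith("(enforce)"):
        findings.append("AppArmor profile not enforcing: " + label)
    return findings


# Constructed samples: a reduced capability set with a filter, and a full set without.
DEFAULT_STATUS = "Name:\tsh\nCapEff:\t00000000a80425fb\nSeccomp:\t2\n"
PRIVILEGED_STATUS = "Name:\tsh\nCapEff:\t0000003fffffffff\nSeccomp:\t0\n"

if __name__ == "__main__":
    # Run inside the container to audit the current process.
    with open("/proc/self/status") as fh:
        status = fh.read()
    try:
        with open("/proc/self/attr/current") as fh:
            label = fh.read()
    except OSError:  # AppArmor interface not available
        label = ""
    print(audit(status, label) or "all three layers active")
```

On hosts that use SELinux instead of AppArmor, `/proc/self/attr/current` holds an SELinux context, so the AppArmor finding there does not mean the process is unconfined.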