In this scenario you will learn how to block containers gaining additional user privileges, even when running as a non-root user.
Don’t stop now! The next scenario will only take about 10 minutes to complete.
Create Dockerfile:
echo 'FROM benhall/strace-ubuntu:latest' >> 1_Dockerfile
echo 'ADD 1_testnnp /testnnp' >> 1_Dockerfile
echo 'RUN chmod u+s /testnnp' >> 1_Dockerfile
echo 'CMD ["/testnnp"]' >> 1_Dockerfile
Download Command:
curl -LO https://github.com/katacoda/oscon2016-docker-perf-sec/raw/master/tutorial/2_Security/3_no-new-privileges/1_testnnp && chmod +x 1_testnnp
Build:
docker build -f 1_Dockerfile -t new-priv-1 .
Run:
docker run -u 1000 new-priv-1
Is that the output you expected?
Knowing what you need to know is the hardest part. Our guided pathways help build your knowledge around real-world scenarios.
The best way to learn its by doing. All our tutorials are interactive with pre-configured live environments ready for you to use.
It's a competitive industry. Your skills need to keep up with the latest approaches. Katacoda keeps your skills up-to-date.
Knowing what you need to know is the hardest part. Our guided pathways help build your knowledge around real-world scenarios.
The best way to learn its by doing. All our tutorials are interactive with pre-configured live environments ready for you to use.
It's a competitive industry. Your skills need to keep up with the latest approaches. Katacoda keeps your skills up-to-date.