Questions tagged [container]

57 questions
0 votes, 1 answer

What does default Seccomp, AppArmor and SELinux in Kubernetes Security mean?

What does default Seccomp, AppArmor, and SELinux in Kubernetes Security truly mean? Who and where provides the default profile? Does default mean it applies to containers, pods, or the Kubernetes administrator cluster itself? I've seen numerous…
0 votes, 0 answers

When in a container do TCP API calls need TLS?

I have an application I'm building where all components will be contained inside a single container. I'm wondering about API calls within the container between the components, i.e., using localhost, between the front, middle, and back ends. Would the…
0 votes, 1 answer

Does Log4Shell ("CVE-2021-44228") affect K8S/Containers and function-as-a-service (FaaS)?

Does Log4Shell ("CVE-2021-44228") affect K8S/Containers and/or function-as-a-service (FaaS) running image with affected log4j? I would like to understand if this vulnerability affects ephemeral setups such as K8S/FaaS and how JNDI lookup can take…
Nathan Aw
0 votes, 0 answers

Is the Docker cache a security risk due to stale base images?

I always thought that when I build the Dockerfile for my application, the latest version of the base image is downloaded from the registry (and in this way I have a fresh version with all the security patches in the base image). However I now read…
collimarco
0 votes, 1 answer

Why Vulnerability Scanners Ignore Shared Libraries?

First of all, I am new to vulnerability scanning and don't have any experience working with any tooling outside of container specific. So, I don't know if it is a normal behavior for scanners. Please correct me if I am wrong, but the following seems…
0 votes, 0 answers

How to protect workload from host

I have some code and other resources which run in a container or VM ("black box") on a host machine. The host uses this as a service to process some files which are highly sensitive and they don't want them off their premises (so no cloud). …
Alex
0 votes, 0 answers

secure deletion in virtual machines

When we securely delete a volume in a machine which is installed in a virtual machine or docker, for example by overwriting 7 times or more, we securely delete the data in virtual disk (in guest) and some related data in real disk (in host) may…
0 votes, 2 answers

Requesting an SSL certificate without a CSR, can it be done?

Please excuse me if this is a dumb or obvious question, I'm self taught and have not been able to find an exact answer to my question after much Googling and reading through StacEx! I'm having issues with the process of requesting/purchasing an SSL…
Chris Butler
0 votes, 1 answer

Can malicious applications running inside a docker container still be harmful?

I am very new to docker (and don't usually program at a 'systems' level). I will be working on an open source project with complete strangers over the web over the next couple of months. I trust them, but I like to not have to trust people (meant in…
dss
0 votes, 1 answer

Is it normal to being able to kill a process from outside a container?

Situation: on user@host a qemu run and stack inside a container user@container Is it normal: to view with ps aux | grep qemu from user@host that the process run on user@container? to be able to make sudo kill -9 pid of the process in the container…
aurelien
0 votes, 1 answer

Is there an industry-standard data container for asymmetric encryption / signing with secure algorithms?

I want to encrypt a large blob of binary data (let's say, 1GB), using asymmetric encryption (so that only public key is needed to encrypt the data, but private key is needed to decrypt it). As a nice addition, I would like to sign it (and, ideally,…
penartur
-1 votes, 1 answer

Modifying cacerts at runtime

I have a containerized JVM application (multiple actually) running on Kubernetes, which needs to trust additional custom/private CAs (which are not known beforehand, the application will be deployed in multiple unrelated data-centers that have…