slim icon indicating copy to clipboard operation
slim copied to clipboard

Published 20 hours ago verified publisher icon slimtoolkit

Securing root access

Open rghdrizzle opened this issue 2 years ago • 2 comments

Hey , since your project is about containers and it provides more security , I want to know if it does not allow a user to access root login even though if they knew the password for the root ?

rghdrizzle avatar May 08 '22 11:05 rghdrizzle

@rghdrizzle This isn't possible yet and it'll also require to have the sensor running all the time including production and for that we'll need to use the new (and not yet released) system level sensor that has a low resource use profile.

Either way, this use case is a better fit for the RASP (Runtime Application Self-Protection) tools out there

kcq avatar May 11 '22 18:05 kcq

@kcq sorry for the late reply , there is some feature in docker , where when u build the dockerfile you can give a command where it prevents the container to be run in privileged mode like you can prevent privilege escalation through the exploitation of SETUID binaries by using the --security-opt=no-new-privileges flag when running containers , and im just learning about the docker security so i might lack some knowledge about it

rghdrizzle avatar Jun 25 '22 04:06 rghdrizzle