Shrumplestiltskin · August 21, 2021 09:41 · Jan 16, 2019 · Nov 6, 2018 · Nov 6, 2018 · Nov 6, 2018
diff --git a/README.md b/README.md
@@ -72,7 +72,10 @@ https://lwn.net/Articles/543273/
 http://stealth.openwall.net/xSports/clown-newuser.c
 
 - Escaping Docker container using waitid() – CVE-2017-5123
-https://www.twistlock.com/labs-blog/escaping-docker-container-using-waitid-cve-2017-5123/
+https://www.twistlock.com/labs-blog/escaping-docker-container-using-waitid-cve-2017-5123/   
+
+
+https://www.cyberark.com/threat-research-blog/how-i-hacked-play-with-docker-and-remotely-ran-code-on-the-host/   
 
 
 ### Docker

diff --git a/README.md b/README.md
@@ -28,6 +28,10 @@ https://www.blackhat.com/docs/eu-15/materials/eu-15-Bettini-Vulnerability-Exploi
 - This is the authoritative documentation on the design, interface and conventions of cgroup v2:
 https://www.kernel.org/doc/Documentation/cgroup-v2.txt
 
+- Capabilities
+https://linux.die.net/man/7/capabilities
+libcap2-bin provides capsh in deb
+
 
 ### Escaping
 

diff --git a/README.md b/README.md
@@ -47,6 +47,9 @@ https://security.stackexchange.com/questions/152978/is-it-possible-to-escalate-p
 - Abusing Privileged and Unprivileged Linux Containers 
 https://www.nccgroup.trust/globalassets/our-research/us/whitepapers/2016/june/container_whitepaper.pdf
 
+- Understanding and Hardening Linux Containers
+https://www.nccgroup.trust/globalassets/our-research/us/whitepapers/2016/april/ncc_group_understanding_hardening_linux_containers-1-1.pdf
+
 - An Empirical Study into the Security Exposure to Hosts of Hostile Virtualized Environments
 http://taviso.decsystem.org/virtsec.pdf
 

diff --git a/README.md b/README.md
@@ -64,6 +64,9 @@ https://plus.google.com/+MathiasKrause/posts/PqFCo4bfrWu
 https://lwn.net/Articles/543273/
 http://stealth.openwall.net/xSports/clown-newuser.c
 
+- Escaping Docker container using waitid() – CVE-2017-5123
+https://www.twistlock.com/labs-blog/escaping-docker-container-using-waitid-cve-2017-5123/
+
 
 ### Docker
 

diff --git a/README.md b/README.md
@@ -56,6 +56,14 @@ https://www.ernw.de/download/ERNW_Stocard_Docker-Devops-Security_fbarth-mluft.pd
 - Docker: Security Myths, Security Legends - Rory McCune
 https://youtu.be/uQigvjSXMLw
 
+- user ns: arbitrary module loading
+https://lkml.org/lkml/2013/3/4/70
+https://plus.google.com/+MathiasKrause/posts/PqFCo4bfrWu
+
+- Anatomy of a user namespaces vulnerability
+https://lwn.net/Articles/543273/
+http://stealth.openwall.net/xSports/clown-newuser.c
+
 
 ### Docker
 

diff --git a/README.md b/README.md
@@ -53,6 +53,9 @@ http://taviso.decsystem.org/virtsec.pdf
 - Docker & Security - Florian Barth, Matthias Luft
 https://www.ernw.de/download/ERNW_Stocard_Docker-Devops-Security_fbarth-mluft.pdf
 
+- Docker: Security Myths, Security Legends - Rory McCune
+https://youtu.be/uQigvjSXMLw
+
 
 ### Docker
 

diff --git a/README.md b/README.md
@@ -1,51 +1,117 @@
-- Vulnerability Exploitation In Docker Container Environments
-	https://www.blackhat.com/docs/eu-15/materials/eu-15-Bettini-Vulnerability-Exploitation-In-Docker-Container-Environments.pdf
-
-- How to Run a More Secure Non-Root User Container:
-	http://www.projectatomic.io/blog/2016/01/how-to-run-a-more-secure-non-root-user-container/
+# Container security notes
 
-- This is the authoritative documentation on the design, interface and conventions of cgroup v2:
-	https://www.kernel.org/doc/Documentation/cgroup-v2.txt
+## Internet references
 
-- cgroups - Linux control groups
-	http://man7.org/linux/man-pages/man7/cgroups.7.html
+### Kernel and architecture
+
+- namespaces - overview of Linux namespaces
+http://man7.org/linux/man-pages/man7/namespaces.7.html
 
 - mount_namespaces - overview of Linux mount namespaces
-	http://man7.org/linux/man-pages/man7/mount_namespaces.7.html
+http://man7.org/linux/man-pages/man7/mount_namespaces.7.html
 
-- How to find namespaces in a Linux system
-	http://www.opencloudblog.com/?p=251
+- Major and Minor (device) Numbers
+http://www.makelinux.net/ldd3/chp-3-sect-2
 
-- namespaces - overview of Linux namespaces
-	http://man7.org/linux/man-pages/man7/namespaces.7.html
+- cgroups - Linux control groups
+http://man7.org/linux/man-pages/man7/cgroups.7.html
+
+- How to find namespaces in a Linux system
+http://www.opencloudblog.com/?p=251
 
 - Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
-	https://www.slideshare.net/jpetazzo/anatomy-of-a-container-namespaces-cgroups-some-filesystem-magic-linuxcon
+https://www.slideshare.net/jpetazzo/anatomy-of-a-container-namespaces-cgroups-some-filesystem-magic-linuxcon
 
-- Major and Minor (device) Numbers
-	http://www.makelinux.net/ldd3/chp-3-sect-2
+- Vulnerability Exploitation In Docker Container Environments
+https://www.blackhat.com/docs/eu-15/materials/eu-15-Bettini-Vulnerability-Exploitation-In-Docker-Container-Environments.pdf
 
-- False Boundaries and Arbitrary Code Execution
-	https://forums.grsecurity.net/viewtopic.php?f=7&t=2522
+- This is the authoritative documentation on the design, interface and conventions of cgroup v2:
+https://www.kernel.org/doc/Documentation/cgroup-v2.txt
 
-- Security In-Depth for Linux Software - Preventing and Mitigating Security Bugs
-	https://www.cr0.org/paper/jt-ce-sid_linux.pdf
+
+### Escaping
+
+- False Boundaries and Arbitrary Code Execution
+https://forums.grsecurity.net/viewtopic.php?f=7&t=2522
 
 - Container escape through open_by_handle_at (shocker exploit)
-	https://lists.linuxcontainers.org/pipermail/lxc-devel/2014-June/009547.html
-	https://github.com/gabrtv/shocker/blob/master/shocker.c
+https://lists.linuxcontainers.org/pipermail/lxc-devel/2014-June/009547.html
+https://github.com/gabrtv/shocker/blob/master/shocker.c
 
 - Chw00t: How to break out from various chroot solutions
-	https://deepsec.net/docs/Slides/2015/Chw00t_How_To_Break%20Out_from_Various_Chroot_Solutions_-_Bucsay_Balazs.pdf
-
-- Security Best Practices for Kubernetes Deployment
-	http://blog.kubernetes.io/2016/08/security-best-practices-kubernetes-deployment.html
+https://deepsec.net/docs/Slides/2015/Chw00t_How_To_Break%20Out_from_Various_Chroot_Solutions_-_Bucsay_Balazs.pdf
 
 - Is it possible to escalate privileges and escaping from a Docker container? (security.stackexchange.com)
-	https://security.stackexchange.com/questions/152978/is-it-possible-to-escalate-privileges-and-escaping-from-a-docker-container
+https://security.stackexchange.com/questions/152978/is-it-possible-to-escalate-privileges-and-escaping-from-a-docker-container
 
 - Abusing Privileged and Unprivileged Linux Containers 
-	https://www.nccgroup.trust/globalassets/our-research/us/whitepapers/2016/june/container_whitepaper.pdf
+https://www.nccgroup.trust/globalassets/our-research/us/whitepapers/2016/june/container_whitepaper.pdf
+
+- An Empirical Study into the Security Exposure to Hosts of Hostile Virtualized Environments
+http://taviso.decsystem.org/virtsec.pdf
+
+- Docker & Security - Florian Barth, Matthias Luft
+https://www.ernw.de/download/ERNW_Stocard_Docker-Devops-Security_fbarth-mluft.pdf
+
+
+### Docker
+
+- My DockerCon 2014 talk: Thoughts on interoperable containers
+https://fabiokung.com/2014/06/11/my-dockercon-2014-talk/
+
+- Building a Secure App with Docker - Ying Li and David Lawrence, Docker
+https://www.slideshare.net/Docker/building-a-secure-app-with-docker-ying-li-and-david-lawrence-docker
+https://www.youtube.com/watch?v=tjxkxVI_PVU
+
+- Docker Daemon tuning and JSON file configuration 
+https://sandro-keil.de/blog/2017/01/23/docker-daemon-tuning-and-json-file-configuration/
+
+### Kubernetes
+- Apparmor
+https://kubernetes.io/docs/tutorials/clusters/apparmor/#upgrading-to-kubernetes-v14-with-apparmor
+
+- Security Best Practices
+http://blog.kubernetes.io/2016/08/security-best-practices-kubernetes-deployment.html
+
+- PodSecurityPolicy
+https://kubernetes.io/docs/api-reference/v1.6/#podsecuritypolicyspec-v1beta1-extensions
+
+
+### Hardening & Security
+
+- Security In-Depth for Linux Software - Preventing and Mitigating Security Bugs
+https://www.cr0.org/paper/jt-ce-sid_linux.pdf
+
+- Security Best Practices for Kubernetes Deployment
+http://blog.kubernetes.io/2016/08/security-best-practices-kubernetes-deployment.html
 
 - Understanding and Hardening Linux Containers
-	https://www.nccgroup.trust/globalassets/our-research/us/whitepapers/2016/april/ncc_group_understanding_hardening_linux_containers-1-1.pdf
+https://www.nccgroup.trust/globalassets/our-research/us/whitepapers/2016/april/ncc_group_understanding_hardening_linux_containers-1-1.pdf
+
+- DEF CON 23 - Aaron Grattafiori - Linux Containers: Future or Fantasy? - 101 Track
+https://www.youtube.com/watch?v=iN6QbszB1R8
+
+- Linux Containers (LXC), Docker, and Security
+https://www.slideshare.net/jpetazzo/linux-containers-lxc-docker-and-security/2-OutlineFear_Uncertainty_and_Doubtand_the
+
+- The Golden Ticket- Docker and High Security Microservices - Black Belt Track
+https://www.youtube.com/watch?v=346WmxQ5xtk
+http://www.slideshare.net/Docker/the-golden-ticket-docker-and-high-security-microservices-by-aaron-grattafiori
+
+- Security Lab: Seccomp
+http://training.play-with-docker.com/security-seccomp/
+
+- How to Run a More Secure Non-Root User Container:
+http://www.projectatomic.io/blog/2016/01/how-to-run-a-more-secure-non-root-user-container/
+
+
+### Tools
+
+- The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production. 
+https://github.com/docker/dockerbench-security
+
+- Clair - Vulnerability Static Analysis for Containers
+https://github.com/coreos/clair
+
+- AppArmor profile generator for docker containers. Basically a better AppArmor profile, than creating one by hand, because who would ever do that.
+https://github.com/jessfraz/bane
diff --git a/gistfile1.txt → README.md b/gistfile1.txt → README.md
diff --git a/gistfile1.txt b/gistfile1.txt
@@ -0,0 +1,51 @@
+- Vulnerability Exploitation In Docker Container Environments
+	https://www.blackhat.com/docs/eu-15/materials/eu-15-Bettini-Vulnerability-Exploitation-In-Docker-Container-Environments.pdf
+
+- How to Run a More Secure Non-Root User Container:
+	http://www.projectatomic.io/blog/2016/01/how-to-run-a-more-secure-non-root-user-container/
+
+- This is the authoritative documentation on the design, interface and conventions of cgroup v2:
+	https://www.kernel.org/doc/Documentation/cgroup-v2.txt
+
+- cgroups - Linux control groups
+	http://man7.org/linux/man-pages/man7/cgroups.7.html
+
+- mount_namespaces - overview of Linux mount namespaces
+	http://man7.org/linux/man-pages/man7/mount_namespaces.7.html
+
+- How to find namespaces in a Linux system
+	http://www.opencloudblog.com/?p=251
+
+- namespaces - overview of Linux namespaces
+	http://man7.org/linux/man-pages/man7/namespaces.7.html
+
+- Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
+	https://www.slideshare.net/jpetazzo/anatomy-of-a-container-namespaces-cgroups-some-filesystem-magic-linuxcon
+
+- Major and Minor (device) Numbers
+	http://www.makelinux.net/ldd3/chp-3-sect-2
+
+- False Boundaries and Arbitrary Code Execution
+	https://forums.grsecurity.net/viewtopic.php?f=7&t=2522
+
+- Security In-Depth for Linux Software - Preventing and Mitigating Security Bugs
+	https://www.cr0.org/paper/jt-ce-sid_linux.pdf
+
+- Container escape through open_by_handle_at (shocker exploit)
+	https://lists.linuxcontainers.org/pipermail/lxc-devel/2014-June/009547.html
+	https://github.com/gabrtv/shocker/blob/master/shocker.c
+
+- Chw00t: How to break out from various chroot solutions
+	https://deepsec.net/docs/Slides/2015/Chw00t_How_To_Break%20Out_from_Various_Chroot_Solutions_-_Bucsay_Balazs.pdf
+
+- Security Best Practices for Kubernetes Deployment
+	http://blog.kubernetes.io/2016/08/security-best-practices-kubernetes-deployment.html
+
+- Is it possible to escalate privileges and escaping from a Docker container? (security.stackexchange.com)
+	https://security.stackexchange.com/questions/152978/is-it-possible-to-escalate-privileges-and-escaping-from-a-docker-container
+
+- Abusing Privileged and Unprivileged Linux Containers 
+	https://www.nccgroup.trust/globalassets/our-research/us/whitepapers/2016/june/container_whitepaper.pdf
+
+- Understanding and Hardening Linux Containers
+	https://www.nccgroup.trust/globalassets/our-research/us/whitepapers/2016/april/ncc_group_understanding_hardening_linux_containers-1-1.pdf