Note: this is a past event Check out the current event!

Jessie Frazelle

Software Engineer at Docker at Docker

Talk

Application Sandboxes vs. Containers
Friday 15:00 - 15:45
Topics:
Sandboxes
Containers
Security
Magic
Level:
Advanced

Your rating:
0/5

This talk will cover the differences between application sandboxes and containers. The most well known sandbox is Chrome, for providing \"hard guarantees about what ultimately a piece of code can or cannot do no matter what its inputs are\". At its core, the Linux Chrome sandbox uses namespaces along with seccomp and other native features to provide these guarantees. Containers are composed of the same primitives. What is needed for containers to provide this promise? Can it be done by default? What steps are already being made to get towards containers that actually \"contain\"?


About

Docker Core Maintainer. Typecasted as the person who runs everything in containers including desktop apps. Loves everything from ldflags hacks to syscalls. Nerd by day, rap battle champion by night.