Capabilities on executables
Note on Linux Kernel capabilities
File capabilities allow users to execute programs with higher privileges. Best example is network utility ping.
containers, programming, golang, hacks, kubernetes, productivity, books
Blog
Root user inside container is root on the host
The easiest way to prove that root inside the container is also root on the host
Here are simple steps that you can follow to prove that the root user inside container is also root on the host. And how to mitigate this.
Copying files to container the generic way
No docker cp needed to copy files from host to your container
This blog shows you how you can copy stuff from your host machine to the running container without the docker cp command that we usually use.
Recent Posts
Fight Your Instincts — Your Default Behaviour is Hurting You
Learnings from 'Atomic Habits'
Unchanging Contexts and Degrading Productivity
Certified Kubernetes Security Specialist CKS exam tips
Learnings from 'Sapiens'
Categories
- kubernetes34
- notes21
- non-tech17
- security13
- productivity10
- book-review9
- containers7
- bash5
- event_report5
- golang5
- packaging5
- docker4
- host4
- linux4
- cka3
- fedora3
- kompose3
- monitoring3
- notion3
- openshift3
- programming3
- prometheus3
- certs2
- configuration2
- desktop2
- git2
- ide2
- kms2
- minikube2
- activism1
- backup1
- centos1
- cks1
- cmd-line1
- etcd1
- flatcar1
- gaming1
- gnome1
- https1
- jobs1
- kubeadm1
- lokomotive1
- meetup1
- project_management1
- selinux1
- systemd1
- talks1
- vagrant1
About
I am a Senior Software Engineer at Microsoft, working on various tooling around container technology like Docker, Kubernetes, etc.