Linux user namespaces might not be secure enough? a.k.a. subverting POSIX capabilities

Erica Windisch
Nov 3, 2015 · 5 min read

Introducing Capabilities

“It questions why anyone would not use this feature.”

“You should always drop capabilities in your application, or before running your application. Container managers do this by default.”

Introducing User Namespaces

“When a user namespace is created, the SYS_CAP_ADMIN capability is added.”

“Linux capabilities may be completely subverted.”

Subverting Capabilities

User Namespaces: to the rescue! or not!

Is this is a vulnerability?



Erica Windisch

Written by

CTO and founder of IOpipe, Inc. working on Application Operations tools for serverless applications.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade