HITBGSEC

Docker improves container security and management

http://zdnet4.cbsistatic.com/hub/i/r/2016/02/23/26d83efd-3afc-4a9d-a32e-174a35052652/resize/770xauto/85ffb965a4dc0d9bf1bcbe06333ca214/docker-ddc.jpg

We love Docker. This container technology makes it possible to run four-to-six times the number of server applications as you can with Virtual Machines (VM) on the same hardware. There are only two little problems: Security and management.

Those aren't small problems. Even though businesses are flocking to deploy Docker containers, if you can't nail down the security or management issues, you're playing with fire. That hasn't stopped anyone, but Docker knows darn well it's only a matter of time before its users get burned. So, Docker is addressing both problems.

First, to improve security, Docker's latest release Docker 1.10 uses a feature called user namespacing to enable containerized applications to run without having root permission. With user namespaces, the Docker daemon still runs as root but the containers are handled separately. With each container using its own user-level privileges, they no longer need root access to run.

Tags: