Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

If you believe containers cannot be secure, than you should be able to capture the flag and get paid for beating https://contained.af/

Having said that, I agree that by default containers are a poor security boundary - but saying they are wholesale inadequate is not accurate.



contained.af uses seccomp to block a bunch of syscalls that you would not block for a real service, for example socket()




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: