What is a Container Breakout?

0 Comments

Question
What is a container breakout?

Answer
A container breakout is an the act of a user or process in a container gaining access to its underlying host server. Containerization is the isolation of processes and/or disk space on a server. A container is isolated from the host server via cgroups and namespaces. Bypassing the cgroup(s) and namespace(s) through intentional acts can be desirable for legitimate systems engineers. While such an operation can denote a "breakout", we find the term "container breakout" to connote the unauthorized circumvention of the isolating cgroups and namespaces. Some Docker hosts and configurations of containers can be exploited by hackers. Thus a new big security concern in the I.T. world is the "container breakout" or "Docker [container] breakout".

To see the term in context, read these examples:

https://www.oreilly.com/library/view/advanced-infrastructure-penetration/9781788624480/5603d194-56b9-4815-8627-439f262d6d15.xhtml

https://news.ycombinator.com/item?id=7909622

https://hub.docker.com/r/gabrtv/shocker/

Page 3 of this PDF uses the term.

https://blog.docker.com/2014/06/docker-container-breakout-proof-of-concept-exploit/

If you want to learn how to secure a Docker container, see this posting.

Leave a comment

Your email address will not be published. Required fields are marked *