You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@mesos.apache.org by "Jie Yu (JIRA)" <ji...@apache.org> on 2016/03/14 18:19:33 UTC
[jira] [Updated] (MESOS-4936) Improve container security for Mesos
containerizer.
[ https://issues.apache.org/jira/browse/MESOS-4936?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jie Yu updated MESOS-4936:
--------------------------
Labels: mesosphere (was: )
> Improve container security for Mesos containerizer.
> ---------------------------------------------------
>
> Key: MESOS-4936
> URL: https://issues.apache.org/jira/browse/MESOS-4936
> Project: Mesos
> Issue Type: Epic
> Components: containerization
> Reporter: Jie Yu
> Labels: mesosphere
>
> We should investigate the following to improve the container security for Mesos containerizer:
> 1) Capabilities
> 2) User namespace
> 3) Seccomp
> 4) SELinux
> 5) AppArmor
> We should investigate what other container systems are doing regarding security:
> 1) [k8s| https://github.com/kubernetes/kubernetes/blob/master/pkg/api/v1/types.go#L2905]
> 2) [docker|https://docs.docker.com/engine/security/security/]
> 3) [oci|https://github.com/opencontainers/specs/blob/master/config.md]
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)