Containers would like to be able to make use of Linux Security Modules (LSMs), from providing more complete system virtualization to improving container confinement. To date containers access to the LSM has been limited but there has been work to change the situation.
This presentation will discuss and demonstrate the current state of Linux Security Module (LSM) stacking and namespacing making it possible to run containers with a different security module than that of the host.
Speakers: John Johansen