From Capabilities to AppArmor: Layering Linux Runtime Security
Capabilities, seccomp, and AppArmor working together to shut down the bad stuff
Apr 27, 202610 min read5
Command Palette
Search for a command to run...
#linux
Articles tagged with #linux
Distroless Removes the Shell, Not the Risk
No bash, no curl, still getting **** done
Apr 20, 202612 min read13
Seccomp in Kubernetes
From Pod Spec to Syscall Boundary
Feb 16, 20267 min read78
Seccomp: The Syscall Firewall
How Linux Decides Which Syscalls Are Allowed to Exist
Feb 5, 202610 min read103
Lima: Linux on macOS Without the Ceremony
Getting to real Linux, containers, and Kubernetes without a heavy lab setup
Jan 29, 20267 min read384
Kubernetes securityContext
Not Security. A Kernel Contract.
Jan 22, 20269 min read30