11 Additional security considerations

This chapter covers

  • Securing running applications on different standalone servers, inside different VMs and containers
  • Running a container via a service versus as a child of the container engine via fork and exec
  • Linux security features used to keep containers isolated from each other
  • Setting up container image trust
  • Signing images and trusting them

In this chapter, I review and demonstrate some additional security considerations when using Podman to run containers. Some of the content was covered in other chapters, but I think it is useful to concentrate on these features from a security perspective.

One of the most frequent problems I see with people running containers is that when the container process ...

Get Podman in Action now with the O’Reilly learning platform.
