User Namespaces in Kubernetes: Perspectives on Isolation and Escape
Analyzes Kubernetes User Namespaces from an offensive security perspective, covering isolation benefits, potential misconfigurations, and escape vectors.
Explains how to use Docker's userns-remap feature with Linux system users to solve permission issues in CI/build environments.
Explores the technical challenges and differences between traditional containers and true sandbox environments, focusing on user namespaces and privilege levels.
A guide on converting Docker containers to runc for desktop use, focusing on user namespace control and custom networking tools.
A technical guide on using Docker's user namespace support to run desktop applications like Chrome, Irssi, and Docker-in-Docker in containers for improved security.