Container Basics
Fundamentals
Containers package applications with dependencies in isolated environments. Understanding container architecture is essential for identifying security weaknesses.
Container Architecture
Isolation Mechanisms
- Namespaces (PID, Network, Mount)
- Cgroups (resource limits)
- Capabilities (fine-grained privileges)
- Seccomp (syscall filtering)
Attack Surfaces
- Docker socket exposure
- Privileged containers
- Vulnerable base images
- Misconfigured mounts
Docker Enumeration
```bash
# Check whether this shell is running inside a container
grep docker /proc/1/cgroup       # cgroup v1 shows /docker/<id>; on cgroup v2 the file may be just "0::/"
ls -la /.dockerenv               # marker file created by the Docker runtime

# Container environment info
env | grep -i docker
cat /etc/hosts
hostname                         # defaults to the short container ID under Docker

# Mounted volumes (host paths bind-mounted into the container show up here)
mount | grep -v "^cgroup"
df -h

# Network configuration
ip addr
cat /etc/resolv.conf

# Running processes
ps aux

# Capabilities of the current process (capsh comes from libcap and is not always installed)
capsh --print

# Seccomp mode of the current process: 0 = disabled, 1 = strict, 2 = filter
grep Seccomp /proc/self/status
```