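Permission Controls in Docker

The Red Hat Enterprise Linux Blog has put together an article on the permission controls Docker currently supports, "Secure Your Containers with this One Weird Trick". There are currently 38 permissions that can be controlled: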

Originally the kernel allocated a 32-bit bitmask to define these capabilities. A few years ago it was expanded to 64. There are currently around 38 capabilities defined.

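This is quite nice for running certain applications. For example, the previously mentioned "Running Skype in Docker to make calls" setup could have its permissions restricted a bit further :o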
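
The bitmask the quote describes is visible as hex in the `Cap*` lines of `/proc/<pid>/status`. The following Python code is an added example, not from the original post or the Red Hat article: it decodes such a mask into capability names and derives the `docker run --cap-drop` flags for everything a workload does not need. The sample status lines, the "needed" set and the function names are constructed for illustration.

```python
import re

# Capability names by bit number (linux/capability.h), bits 0..37: the 38 the
# article counts. Newer kernels define more; those show up as unknown bits.
CAP_NAMES = """CHOWN DAC_OVERRIDE DAC_READ_SEARCH FOWNER FSETID KILL SETGID
SETUID SETPCAP LINUX_IMMUTABLE NET_BIND_SERVICE NET_BROADCAST NET_ADMIN NET_RAW
IPC_LOCK IPC_OWNER SYS_MODULE SYS_RAWIO SYS_CHROOT SYS_PTRACE SYS_PACCT
SYS_ADMIN SYS_BOOT SYS_NICE SYS_RESOURCE SYS_TIME SYS_TTY_CONFIG MKNOD LEASE
AUDIT_WRITE AUDIT_CONTROL SETFCAP MAC_OVERRIDE MAC_ADMIN SYSLOG WAKE_ALARM
BLOCK_SUSPEND AUDIT_READ""".split()

# Constructed sample: Cap* lines of /proc/<pid>/status inside a container
# started with Docker's default capability set.
SAMPLE_STATUS = ("CapInh:\t0000000000000000\nCapPrm:\t00000000a80425fb\n"
                 "CapEff:\t00000000a80425fb\nCapBnd:\t00000000a80425fb\n")

def decode_mask(hex_mask):
    """Return the names of the capabilities whose bits are set in hex_mask."""
    mask = int(hex_mask, 16)
    names = [n for bit, n in enumerate(CAP_NAMES) if (mask >> bit) & 1]
    unknown = mask >> len(CAP_NAMES)
    if unknown:  # bits this table has no name for
        names.append("UNKNOWN_HIGH_BITS_0x%x" % unknown)
    return names

def parse_status(text):
    """Map each Cap* field of a /proc status dump to its decoded names."""
    return {m.group(1): decode_mask(m.group(2))
            for m in re.finditer(r"^(Cap\w+):\s*([0-9a-fA-F]+)$", text, re.M)}

def cap_drop_flags(granted, needed):
    """docker run --cap-drop flags for every granted capability not needed."""
    missing = sorted(set(needed) - set(granted))
    if missing:
        raise ValueError("needed but not granted: " + ", ".join(missing))
    return ["--cap-drop=" + c for c in granted if c not in needed]

if __name__ == "__main__":
    caps = parse_status(SAMPLE_STATUS)
    print("CapBnd:", ", ".join(caps["CapBnd"]))
    # Assumption: the workload only needs to change user and group IDs.
    print(" ".join(cap_drop_flags(caps["CapBnd"], {"SETUID", "SETGID"})))
```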