Custom container not running under root account?

A customer wants to enforce these rules in their custom SageMaker containers:

•	Processes running inside a container must run with a known UID/GUID and never as root.
•	Avoid using privilege escalation methods that grant root access (e.g. sudo)

How do we ensure this?

主題

機器學習與 AI

標籤

Amazon SageMaker

語言

English

專家

Mahesh_V

已提問 3 年前檢視次數 586 次

1 個回答

最新
最多得票
最多評論

這些答案是否有幫助？支持正確答案，以幫助社區從您的知識中受益。

已接受的答案

SageMaker requires that Docker containers run without privileged access. See: https://docs.aws.amazon.com/sagemaker/latest/dg/amazon-sagemaker-toolkits.html SageMaker Docker containers do not run in Privileged mode and have the following Linux capabilities removed: SETPCAP, SETFCAP, NET_RAW, MKNOD

專家

Mahesh_V

已回答 3 年前

Custom container not running under root account?

相關內容