Gollmann, DieterDieterGollmann1132276268Semjonov, AntonAntonSemjonov2020-11-232020-11-232020-01Technische Universität Hamburg (2020)http://hdl.handle.net/11420/7891Linux namespaces are used for container-based operating-system-level virtualization today; the user namespace in particular enables a relatively recent development of so-called rootless containers. A brief overview of the technology is given and the underlying permissions model is explained. Two different threat models for application deployment are created. Using a reproducible testing environment and a number of existing vulnerabilities, associated risks and benefits of employing the user namespace are analysed. It is shown that user namespaces can provide significant improvements to a system's security but also pose risks of their own.enhttps://creativecommons.org/licenses/by-sa/4.0/LinuxUser NamespaceVirtualizationSecurity in Distributed ApplicationsIngenieurwissenschaftenBachelor Thesis10.15480/882.308910.15480/882.3089Kycler, Ann-ChristineAnn-ChristineKyclerOther