Verizon Communications Inc.
Pinhole access for elevated containerized process capability

Abstract:

A system described herein may provide a technique for providing extended container capabilities via helper functions that are executed by an entity with a higher privilege level than that of the containerized process. In order to limit the opportunity for malicious or otherwise unauthorized use of such extended container capabilities, such helper functions may limit enabled arguments and/or otherwise limit utilization of functionality associated with a higher privilege level.