SELinux and Smack Security Modules for Linux Containers

A common response when someone first hears about containers is “How do I create a secure container?” This article answers that question by showing you how to use Linux Security Modules (LSM) to improve the security of containers. In particular, it shows you how to specify a security goal and meet it with both the Smack and SELinux security modules.