Product | 26.03.2024

Rootless containers or the principle of least privilege

With rootless containers, companies benefit from a more secure and efficient way to deploy applications. Rootless containers run without root privileges, which distinguishes them from traditional container setups that require elevated privileges. Cybus Connectware supports rootless containers as part of our mission to provide a secure, flexible and efficient Factory Data Hub.

Let’s explore the advantages of using this unique security feature with Cybus Connectware.

Principle of least privilege

Rootless containers are built around the principle of least privilege, ensuring that access rights are restricted to what is strictly necessary for specific operations. This principle aligns perfectly with Cybus Connectware’s approach to secure data management, guaranteeing that each containerized application functions within a secure and constrained environment.

Enhanced security for your shop floor

Security is a critical concern in factory environments where protecting sensitive data and operations is paramount. Rootless containers bring an additional layer of security by reducing the risks associated with granting containers root access on host systems.

With its support for rootless containers, Cybus Connectware strengthens your security posture: if a container were to be compromised, the potential for damage would be substantially limited. This is crucial in environments where the integrity of both data and operational processes must be upheld.

Compliance and risk management

Security audits often focus on compliance with industry standards and regulations, which increasingly emphasize the need for secure deployment practices. Rootless containers can help organizations meet these requirements by demonstrating a commitment to minimizing privilege escalation risks. This can be particularly relevant for manufacturing industries that are subject to stringent regulatory requirements. By making use of the advantages of rootless containers, organizations can demonstrate a proactive approach to security and compliance.

OpenShift and Cybus Connectware

OpenShift, Red Hat’s Kubernetes platform, emphasizes security and operational efficiency, encouraging the use of rootless containers as a best practice. Although not strictly required, rootless containers are highly recommended within OpenShift for several reasons:

  • Enhanced security: Minimizes risks by preventing containers from having root access to the host system, which is crucial in multi-tenant environments.
  • Simplified user management: Aligns with the principle of least privilege, allowing operations without granting extensive host privileges.
  • Compliance support: Helps meet regulatory requirements by ensuring secure and controlled access.
  • Operational efficiency: Accelerates development cycles by allowing developers to deploy applications without needing elevated permissions.
  • Flexible adoption: Supports both traditional and rootless containers, facilitating a gradual transition without disrupting existing workflows.
