Whoc – A Container Image That Extracts The Underlying Container Runtime


A container image that extracts the underlying container runtime and sends it to a remote server. Poke at the underlying container runtime of your favorite CSP container platform!

How does it work?

As shown by runc CVE-2019-5736, traditional Linux container runtimes expose themselves to the containers they’re running through /proc/self/exe. whoc uses this link to read the container runtime executing it.

This is whoc's default mode, which works against dynamically linked container runtime…
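A defender-side check built on the mechanism described above, as an added example that is not part of the original page or of the whoc project: it flags image configurations whose entrypoint or command resolves to a /proc/*/exe link. The function names, the sample configs (shaped like one element of `docker image inspect` output) and the premise that such a reference is worth flagging before an image is admitted are assumptions of this example.

```python
import json
import posixpath
import re
import shlex

# After normalisation: /proc/self/exe, /proc/thread-self/exe or /proc/<pid>/exe.
PROC_EXE = re.compile(r"^/proc/(self|thread-self|\d+)/exe$")

def references_proc_exe(word: str) -> bool:
    """True if an absolute path lexically resolves to a /proc/*/exe link."""
    if not word.startswith("/"):
        return False
    # normpath keeps a leading "//", so collapse leading slashes first.
    normalised = posixpath.normpath("/" + word.lstrip("/"))
    return bool(PROC_EXE.match(normalised))

def _words(token: str) -> list[str]:
    """Split shell-form strings such as 'exec /proc/self/exe' into words."""
    try:
        return shlex.split(token)
    except ValueError:  # unbalanced quotes: fall back to whitespace splitting
        return token.split()

def audit_image_config(config_json: str) -> list[str]:
    """Return 'Field: word' findings for Entrypoint/Cmd entries hitting /proc/*/exe."""
    doc = json.loads(config_json)
    cfg = doc.get("Config") or doc.get("config") or {}
    findings = []
    for field in ("Entrypoint", "Cmd"):
        for token in cfg.get(field) or []:
            findings += [f"{field}: {w}" for w in _words(token) if references_proc_exe(w)]
    return findings

# Constructed sample configs (not taken from any real image).
DIRECT = '{"Config": {"Entrypoint": ["/proc/self/exe"], "Cmd": null}}'
INDIRECT = '{"Config": {"Entrypoint": ["/bin/sh", "-c"], "Cmd": ["exec /proc//self/../self/exe"]}}'
BENIGN = '{"Config": {"Entrypoint": ["/usr/sbin/nginx"], "Cmd": ["-g", "daemon off;"]}}'

if __name__ == "__main__":
    for name, sample in (("direct", DIRECT), ("indirect", INDIRECT), ("benign", BENIGN)):
        print(name, audit_image_config(sample))
```

The check is static and only sees the image config: a symlink or script inside the image filesystem that points at /proc/self/exe will not appear here, so it complements runtime-side hardening and does not replace it.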

