Container host-based security protection method and device, and electronic device
By monitoring and managing the permissions and commands of the container host machine account, the potential privilege escalation issue after SSH login is resolved, thus achieving security protection of the host machine, preventing malicious logins, and maintaining normal operation.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- TENCENT TECHNOLOGY (SHENZHEN) CO LTD
- Filing Date
- 2021-02-09
- Publication Date
- 2026-06-05
AI Technical Summary
In existing technologies, after a user logs into the container host machine via SSH, they may exploit host machine vulnerabilities to escalate privileges and obtain greater permissions, resulting in insufficient host machine security.
By monitoring the permissions and executed commands of the target account, it is determined whether it is used to infiltrate the container. If it is not used to infiltrate the container, it is forcibly logged out. If it is used to infiltrate the container, it remains logged in. A dedicated shell program is used to monitor and verify command parameters to ensure security.
It effectively prevents malicious account intrusion and attacks, improves host machine security, and does not interfere with normal container use, providing dual security protection.
Smart Images

Figure CN114912104B_ABST