Forensic analysis of container checkpoints
- Mentors
- Adrian Reber, Radostin Stoyanov
- Organization
- CRIU
- Technologies
- python, linux, go, golang, docker, kubernetes, protobuf
- Topics
- security, cli, container, Checkpoint/Restore, forensic analysis
The crit library in go-criu was created during GSoC 2022 to enable analysis of CRIU
images with tools written in Go. It allows container management tools such as
checkpointctl and Podman to provide capabilities similar to CRIT. The goal of this project is to extend this library with functionality for forensic analysis of container checkpoints to provide a better user experience. To effectively utilise this new feature, the checkpointctl CLI tool would also be extended to display information about the processes included in a container checkpoint and their runtime state (e.g. memory state, open files, sockets, etc).