docker
diff --git a/‎content/manuals/enterprise/security/hardened-desktop/enhanced-container-isolation/_index.md‎
Lines changed: 151 additions & 77 deletions b/‎content/manuals/enterprise/security/hardened-desktop/enhanced-container-isolation/_index.md‎
Lines changed: 151 additions & 77 deletions
@@ -2,16 +2,18 @@
 title: Enhanced Container Isolation
 linkTitle: Enhanced Container Isolation
 description: Enhanced Container Isolation provides additional security for Docker Desktop by preventing malicious containers from compromising the host
-keywords: nhanced container isolation, container security, sysbox runtime, linux user namespaces, hardened desktop
+keywords: enhanced container isolation, container security, sysbox runtime, linux user namespaces, hardened desktop
 aliases:
  - /desktop/hardened-desktop/enhanced-container-isolation/
  - /security/for-admins/hardened-desktop/enhanced-container-isolation/
-weight: 20
+ - /security/hardened-desktop/enhanced-container-isolation/how-eci-works
+ - /security/hardened-desktop/enhanced-container-isolation/features-benefits
+weight: 10
 ---
 
 {{< summary-bar feature_name="Hardened Docker Desktop" >}}
 
-Enhanced Container Isolation (ECI) adds an extra layer of security to prevent malicious containers from compromising Docker Desktop or the host system. It uses advanced isolation techniques while maintaining full developer productivity.
+Enhanced Container Isolation (ECI) prevents malicious containers from compromising Docker Desktop or the host system. It applies advanced security techniques automatically while maintaining full developer productivity and workflow compatibility.
 
 ECI strengthens container isolation and locks in security configurations created by administrators, such as [Registry Access Management policies](/manuals/enterprise/security/hardened-desktop/registry-access-management.md) and [Settings Management](../settings-management/_index.md) controls.
 
@@ -29,121 +31,193 @@ Enhanced Container Isolation is designed for:
 
 ## How Enhanced Container Isolation works
 
-For an overview of how ECI works, see [How Enhanced Container Isolation works](/manuals/enterprise/security/hardened-desktop/enhanced-container-isolation/how-eci-works.md).
+Docker implements ECI using the [Sysbox container runtime](https://github.com/nestybox/sysbox), a
+security-enhanced fork of the standard OCI runc runtime. When ECI is turned on, containers created through `docker run` or `docker create` automatically use Sysbox instead of runc without requiring any changes to developer workflows.
 
-## Enable Enhanced Container Isolation
+> [!NOTE]
+>
+> When ECI is turned on, the Docker CLI `--runtime` flag is ignored.
+Docker's default runtime remains `runc`, but all user containers
+implicitly launch with Sysbox.
 
-### For developers
+Even containers using the `--privileged` flag run securely with Enhanced Container Isolation, preventing them from breaching the Docker Desktop virtual machine or other containers.
 
-To turn on ECI:
+## Key security features
 
-1. Verify your organization has a Docker Business subscription.
-1. Sign in to your organization in Docker Desktop to access ECI features.
-1. Stop and remove all existing containers:
+### Linux user namespace isolation
 
-  ```console
-  $ docker stop $(docker ps -q)
-  $ docker rm $(docker ps -aq)
-  ```
+With Enhanced Container Isolation, all containers leverage Linux user namespaces for stronger isolation. Container root users map to unprivileged users in the Docker Desktop VM:
 
-1. In Docker Desktop, go to **Settings** > **General**.
-1. Select the **Use Enhanced Container Isolation** checkbox.
-1. Select **Apply and restart**.
+```console
+$ docker run -it --rm --name=first alpine
+/ # cat /proc/self/uid_map
+         0     100000      65536
+```
 
-> [!IMPORTANT]
->
-> ECI doesn't protect containers created before turning on the feature. Remove existing containers before turning on ECI.
+This output shows that container root (0) maps to unprivileged user 100000 in the VM, with a range of 64K user IDs. Each container gets exclusive mappings:
 
-### For administrators
+```console
+$ docker run -it --rm --name=second alpine
+/ # cat /proc/self/uid_map
+         0     165536      65536
+```
 
-Before you begin, [enforce sign-in](/manuals/enterprise/security/enforce-sign-in) so users authenticate with your organization
-when signing into Docker Desktop.
+Without Enhanced Container Isolation, containers run as true root:
 
-You can configure Enhanced Container Isolation for your organization using
-Settings Management.
+```console
+$ docker run -it --rm alpine
+/ # cat /proc/self/uid_map
+         0       0     4294967295
+```
 
-{{< tabs >}}
-{{< tab name="Admin Console" >}}
+By using Linux user namespaces, ECI ensures container processes never run with valid user IDs in the Linux VM, constraining their capabilities to resources within the container only.
 
-1. Sign in to [Docker Home](https:app.docker.com) and select your organization.
-1. Go to **Admin Console** > **Desktop Settings Management**.
-1. [Create or edit a settings policy](/manuals/enterprise/security/hardened-desktop/settings-management/configure-admin-console.md).
-1. Set **Enhanced Container Isolation** to **Always enabled**.
+### Secured privileged containers
 
-{{< /tab >}}
-{{< tab name="`admin-settings.json` file" >}}
+Privileged containers (`docker run --privileged`) normally pose significant security risks because they provide unrestricted access to the Linux kernel. Without ECI, privileged containers can:
 
-Create an [`admin-settings.json`](/manuals/enterprise/security/hardened-desktop/settings-management/configure-json-file.md) file with:
+- Run as true root with all capabilities
+- Bypass seccomp and AppArmor restrictions
+- Access all hardware devices
+- Modify global kernel settings
 
-```json
-{
-  "configurationFileVersion": 2,
-  "enhancedContainerIsolation": {
-    "value": true,
-    "locked": true
-  }
-}
-```
+Organizations securing developer environments face challenges with privileged containers because they can gain control of the Docker Desktop VM and alter security settings like registry access management and network proxies.
 
-Configuration options:
-- `"value": true`: Turns on ECI by default
-- `"locked": true`: Prevents developers from turning off ECI
-- `"locked": false`: Allows developers to control the setting
+Enhanced Container Isolation transforms privileged containers by ensuring they can only access resources within their container boundary. For example, privileged containers can't access Docker Desktop's network configuration:
 
-{{< /tab >}}
-{{< /tabs >}}
+```console
+$ docker run --privileged djs55/bpftool map show
+Error: can't get next map: Operation not permitted
+```
 
-#### Apply the configuration
+Without ECI, privileged containers can easily access and modify these settings:
 
-To apply the updated Enhanced Container Isolation setting for your organization:
+```console
+$ docker run --privileged djs55/bpftool map show
+17: ringbuf  name blocked_packets  flags 0x0
+        key 0B  value 0B  max_entries 16777216  memlock 0B
+18: hash  name allowed_map  flags 0x0
+        key 4B  value 4B  max_entries 10000  memlock 81920B
+```
 
-- New installations: Users launch Docker Desktop and sign in
-- Existing installations: Users must fully quit Docker Desktop and relaunch
+Advanced container workloads like Docker-in-Docker and Kubernetes-in-Docker still work with ECI but run much more securely.
 
-> [!IMPORTANT]
+> [!NOTE]
 >
-> Restarting from the Docker Desktop menu isn't sufficient. Users must completely quit and reopen Docker Desktop.
+> ECI doesn't prevent users from running privileged containers, but makes them secure by containing their access. Privileged workloads that modify global kernel settings (loading kernel modules, changing Berkeley Packet Filter settings) receive "permission denied" errors.
+
+### Namespace isolation enforcement
+
+Enhanced Container Isolation prevents containers from sharing Linux namespaces with the Docker Desktop VM, maintaining isolation boundaries:
+
+**PID namespace sharing blocked:**
+
+```console
+$ docker run -it --rm --pid=host alpine
+docker: Error response from daemon: failed to create shim task: OCI runtime create failed: error in the container spec: invalid or unsupported container spec: sysbox containers can't share namespaces [pid] with the host (because they use the linux user-namespace for isolation): unknown.
+```
+
+**Network namespace sharing blocked:**
+
+```console
+$ docker run -it --rm --network=host alpine
+docker: Error response from daemon: failed to create shim task: OCI runtime create failed: error in the container spec: invalid or unsupported container spec: sysbox containers can't share a network namespace with the host (because they use the linux user-namespace for isolation): unknown.
+```
+
+**User namespace override ignored:**
 
-You can also configure Docker socket mount permissions for trusted images that need Docker API access.
+```console
+$ docker run -it --rm --userns=host alpine
+/ # cat /proc/self/uid_map
+         0     100000      65536
+```
 
-## Verify Enhanced Container Isolation is active
+Docker build operations using `--network-host` and Docker buildx entitlements (`network.host`,
+`security.insecure`) are also blocked.
 
-When ECI is turned on, users can verify it's working by checking the user
-namespace mapping:
+### Protected bind mounts
+
+Enhanced Container Isolation maintains support for standard file sharing while preventing access to sensitive VM directories:
+
+**Host directory mounts continue to work:**
 
 ```console
-$ docker run --rm alpine cat /proc/self/uid_map
+$ docker run -it --rm -v $HOME:/mnt alpine
+/ # ls /mnt
+# Successfully lists home directory contents
 ```
 
-When ECI is turned on:
+**VM configuration mounts are blocked:**
+
+```console
+$ docker run -it --rm -v /etc/docker/daemon.json:/mnt/daemon.json alpine
+docker: Error response from daemon: failed to create shim task: OCI runtime create failed: error in the container spec: can't mount /etc/docker/daemon.json because it's configured as a restricted host mount: unknown
+```
+
+This prevents containers from reading or modifying Docker Engine configurations, registry access management settings, proxy configurations, and other security-related VM files.
+
+> [!NOTE]
+>
+> By default, ECI blocks bind mounting the Docker Engine socket (/var/run/docker.sock) as this would grant containers control over Docker Engine. Administrators can create exceptions for trusted container images.
+
+### Advanced system call protection
+
+Enhanced Container Isolation intercepts sensitive system calls to prevent containers from using legitimate capabilities maliciously:
 
-```text
-0     100000      65536
+```console
+$ docker run -it --rm --cap-add SYS_ADMIN -v $HOME:/mnt:ro alpine
+/ # mount -o remount,rw /mnt /mnt
+mount: permission denied (are you root?)
 ```
 
-This shows the container's root user (0) maps to an unprivileged user (100000) in the Docker Desktop VM, with a range of 64K user IDs. Each container gets an exclusive user ID range for isolation.
+Even with `CAP_SYS_ADMIN` capability, containers can't change read-only bind mounts to read-write, ensuring they can't breach container boundaries.
 
-When ECI is turned off:
+Containers can still create internal mounts within their filesystem:
 
-```text
-0          0 4294967295
+```console
+/ # mkdir /root/tmpfs
+/ # mount -t tmpfs tmpfs /root/tmpfs
+/ # mount -o remount,ro /root/tmpfs /root/tmpfs
+/ # findmnt | grep tmpfs
+├─/root/tmpfs    tmpfs      tmpfs    ro,relatime,uid=100000,gid=100000
 ```
 
-This shows the container root user (0) maps directly to the VM root user (0), providing less isolation.
+ECI performs system call filtering efficiently by intercepting only control-path system calls (rarely used) while leaving data-path system calls unaffected, maintaining container performance.
+
+### Automatic filesystem user ID mapping
+
+Enhanced Container Isolation solves file sharing challenges between containers with different user ID ranges through automatic filesystem mapping.
+
+Each container gets exclusive user ID mappings, but Sysbox uses filesystem user ID remapping via Linux kernel ID-mapped mounts (added in 2021) or alternative shiftsfs module. This maps filesystem accesses from containers' real user IDs to standard ranges, enabling:
 
-You can also check the container runtime:
+- Volume sharing across containers with different user ID ranges
+- Consistent file ownership regardless of container user ID mappings
+- Transparent file access without user intervention
+
+### Information hiding through filesystem emulation
+
+ECI emulates portions of `/proc` and `/sys` filesystems within containers to hide sensitive host information and provide per-container views of kernel resources:
 
 ```console
-$ docker inspect --format='{{.HostConfig.Runtime}}' <container_name>
+$ docker run -it --rm alpine
+/ # cat /proc/uptime
+5.86 5.86
 ```
 
-With ECI, it returns `sysbox-runc`. Without ECI it returns `runc`.
+This shows container uptime instead of Docker Desktop VM uptime, preventing system information from leaking into containers.
+
+Several `/proc/sys` resources that aren't namespaced by the Linux kernel are emulated per-container, with Sysbox coordinating values when programming kernel settings. This enables container workloads that normally require privileged access to run securely.
 
-## What developers see with enforced ECI
+## Performance and compatibility
 
-When administrators enforce Enhanced Container Isolation:
+Enhanced Container Isolation maintains excellent performance and full compatibility:
 
-- The Use Enhanced Container Isolation setting appears turned on in Docker Desktop settings
-- The setting is locked and can't be changed if `"locked": true` was configured
-- All new containers automatically use Linux user namespaces
-- Existing development workflows continue to work without modification
+- No performance impact: System call filtering targets only control-path calls, leaving data-path operations unaffected
+- Full workflow compatibility: Existing development processes, tools, and container images work unchanged
+- Advanced workload support: Docker-in-Docker, Kubernetes-in-Docker, and other complex scenarios work securely
+- Automatic management: User ID mappings, filesystem access, and security policies are handled automatically
+- Standard image support: No special container images or modifications required
+
+> [!IMPORTANT]
+>
+> ECI protection varies by Docker Desktop version and doesn't yet protect extension containers. Docker builds and Kubernetes in Docker Desktop have varying protection levels depending on the version. For details, see [Enhanced Container Isolation limitations](/manuals/enterprise/security/hardened-desktop/enhanced-container-isolation/limitations.md).