gVisor
What is gVisor?
gVisor is an open-source application kernel from Google that intercepts container system calls in user space, shrinking the host kernel attack surface exposed to untrusted workloads.
gVisor's Sentry process implements a substantial portion of the Linux syscall surface in user-mode Go, while only a small set of host syscalls is allowed via seccomp-bpf and routed through a Gofer for filesystem I/O. Because containers talk to Sentry instead of the host kernel directly, kernel exploits in the workload must escape the user-space sandbox first. gVisor runs as a Docker or CRI runtime (runsc) and powers Google Cloud Run, App Engine standard, and GKE Sandbox. The trade-off is incomplete syscall compatibility and per-call performance overhead, which makes gVisor most useful for short-lived, multi-tenant, or untrusted workloads.
● Examples
- Google Cloud Run executing customer functions inside gVisor sandboxes by default.
- GKE Sandbox annotating untrusted Pods with runtimeClassName: gvisor.
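The GKE Sandbox example above relies on a Kubernetes RuntimeClass that maps the name `gvisor` to the runsc handler on the node. The manifest below is an added illustration, not code from the page or from the gVisor project: it declares that RuntimeClass and opts one Pod into it. The handler name `runsc`, the Pod name and the image are assumptions for the example; they presume the node's container runtime (for instance containerd) already has a handler called `runsc` registered.

```yaml
# Added example (not from the page): register gVisor as a Kubernetes RuntimeClass
# and route a single untrusted Pod through it. Assumes the node's CRI already has a
# handler named "runsc" configured; that handler name is an assumption here.
apiVersion: node.k8s.io/v1
kind: RuntimeClass
metadata:
  name: gvisor
handler: runsc          # CRI handler that launches containers under runsc
---
apiVersion: v1
kind: Pod
metadata:
  name: untrusted-worker          # constructed name for the example
spec:
  runtimeClassName: gvisor        # Pod syscalls now hit the Sentry, not the host kernel
  containers:
  - name: app
    image: example.com/untrusted-app:latest   # placeholder image, not a real one
    securityContext:
      allowPrivilegeEscalation: false
      runAsNonRoot: true
```

Pods without `runtimeClassName` keep using the default runtime, so the sandbox is opt-in per workload; an admission policy (for example one enforced by a Kubernetes admission controller) is the usual way to make untrusted namespaces require it. A quick check that a Pod really landed in the sandbox is to run `dmesg` inside the container: under gVisor the output comes from the Sentry's own boot messages rather than the host kernel's log.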
● Frequently asked questions
What is gVisor?
gVisor is an open-source application kernel from Google that intercepts container system calls in user space, shrinking the host kernel attack surface exposed to untrusted workloads. It belongs to the Cloud Security category of cybersecurity.
What does gVisor mean?
gVisor is an open-source application kernel from Google that intercepts container system calls in user space, shrinking the host kernel attack surface exposed to untrusted workloads.
How does gVisor work?
gVisor's Sentry process implements a substantial portion of the Linux syscall surface in user-mode Go, while only a small set of host syscalls is allowed via seccomp-bpf and routed through a Gofer for filesystem I/O. Because containers talk to Sentry instead of the host kernel directly, kernel exploits in the workload must escape the user-space sandbox first. gVisor runs as a Docker or CRI runtime (runsc) and powers Google Cloud Run, App Engine standard, and GKE Sandbox. The trade-off is incomplete syscall compatibility and per-call performance overhead, which makes gVisor most useful for short-lived, multi-tenant, or untrusted workloads.
How do you defend against gVisor?
Defences for gVisor typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for gVisor?
Common alternative names include: runsc, gVisor Sentry.
● Related terms
- Kata Containers (cloud-security № 582): Kata Containers is an open-source runtime that wraps each container or Kubernetes pod in a lightweight virtual machine to provide hardware-level isolation between workloads.
- Pod Security Standards (cloud-security № 838): Pod Security Standards (PSS) are Kubernetes-defined security profiles — Privileged, Baseline, and Restricted — that codify safe pod configuration and replace the deprecated PodSecurityPolicy.
- Kubernetes Admission Controller (cloud-security № 597): An admission controller is a Kubernetes API server plugin that intercepts authenticated requests before persistence to validate, mutate, or reject objects against policy.
- OPA Gatekeeper (cloud-security № 757): OPA Gatekeeper is a CNCF policy controller that uses Open Policy Agent and the Rego language to enforce admission and audit policies on Kubernetes resources.
- Kyverno (cloud-security № 602): Kyverno is a CNCF Kubernetes policy engine that validates, mutates, and generates resources using policies written as native Kubernetes YAML rather than a new DSL.
- Kubernetes Network Policy (cloud-security № 599): Kubernetes NetworkPolicy is a namespaced resource that controls which pods can connect to which pods or external endpoints over IP, port, and protocol.