[$] Easier container security with entitlements

During KubeCon+ CloudNativeCon Europe 2018, Justin Cormack and Nassim Eddequiouaq presenteda proposal to simplify the setting of security parameters for containerizedapplications. Containers depend on a large set of intricate security primitives that canhave weird interactions. Because they are so hard to use, people often justturn the whole thing off. The goal of the proposal is to make thosecontrols easier to understand and use; it is partly inspired by mobile appson iOS and Android platforms, an idea that trickled back into Microsoft andApple desktops. The time seems ripe to improve the field ofcontainer security, which is in desperate need of simpler controls.