I want to know if there is a method to add a capability to a docker running image. Can an attacker drop a capability by using the network and how can we detect it ?
