Four vulnerabilities collectively called "Leaky Vessels" allow hackers to escape containers and access data on the underlying host operating system.
  • jbk@discuss.tchncs.de
    ·
    7 months ago

    Wouldn't rootless containers have reduced the impact of these vulnerabilities? I'll happily continue using rootless podman for simple tasks

    • Karna@lemmy.ml
      ·
      7 months ago

      Docker can be run in rootless mode[1]. Ideally that should be the standard mode unless you have specific requirements not satisfied by rootless mode.

      [1] https://docs.docker.com/engine/security/rootless/