Karna@lemmy.ml to Linux@lemmy.ml · 11 months agoLeaky Vessels flaws allow hackers to escape Docker, runc containerswww.bleepingcomputer.comexternal-linkmessage-square7fedilinkarrow-up198arrow-down10cross-posted to: securitynews@infosec.pubtechnology@lemmit.onlineselfhosted@lemmy.world
arrow-up198arrow-down1external-linkLeaky Vessels flaws allow hackers to escape Docker, runc containerswww.bleepingcomputer.comKarna@lemmy.ml to Linux@lemmy.ml · 11 months agomessage-square7fedilinkcross-posted to: securitynews@infosec.pubtechnology@lemmit.onlineselfhosted@lemmy.world
minus-squarejbk@discuss.tchncs.delinkfedilinkarrow-up5·11 months agoWouldn’t rootless containers have reduced the impact of these vulnerabilities? I’ll happily continue using rootless podman for simple tasks
minus-squareKarna@lemmy.mlOPlinkfedilinkarrow-up3·edit-211 months agoDocker can be run in rootless mode[1]. Ideally that should be the standard mode unless you have specific requirements not satisfied by rootless mode. [1] https://docs.docker.com/engine/security/rootless/
Wouldn’t rootless containers have reduced the impact of these vulnerabilities? I’ll happily continue using rootless podman for simple tasks
Docker can be run in rootless mode[1]. Ideally that should be the standard mode unless you have specific requirements not satisfied by rootless mode.
[1] https://docs.docker.com/engine/security/rootless/