Controlling access to rootless Podman for users

It’s easy to have mistaken assumptions about security controls when it comes to rootless Podman containers.
Dan Walsh
Thu, 6/10/2021 at 1:14pm

Recently the Podman team received a Bugzilla report claiming that there was no way to stop rootless Podman from running containers. The reporter set up a user account with no entries in /etc/subuid and /etc/subgid and reported that rootless Podman could still run the hello-world container.

Topics:  
Containers  
Linux  
Read More at Enable Sysadmin