Controlling access to rootless Podman for users
It’s easy to have mistaken assumptions about security controls when it comes to rootless Podman containers.
Thu, 6/10/2021 at 1:14pm
Image by Arek Socha from Pixabay
Recently the Podman team received a Bugzilla report claiming that there was no way to stop rootless Podman from running containers. The reporter set up a user account with no entries in /etc/subuid and /etc/subgid and reported that rootless Podman could still run the hello-world container.
Read More at Enable Sysadmin