Y
Hacker News
new
|
ask
|
show
|
jobs
by
cyphar
2523 days ago
The daemon is running as an unprivileged user. Docker with userns-remap is still running as root (and recent vulnerabilities like CVE-2018-15664 are still a significant worry even if you ran with user namespaces enabled).