Hacker News
by trulyme 1541 days ago
I mean, of course? Especially, why would I put ssh keys and similar in the container?

This still doesn't mean that one can install just any package, but it does make it much more difficult for it to do much harm. Breaking out of a container is not as trivial as it once was. That said, it is not a perfect solution, so I'd be happy to hear of better ones. Any suggestions?

2 comments

No ssh keys or anything else interesting available to the user you're running the container engine under (and containers themselves). Not the user _inside_ the container, but on the main system.
gVisor, VMs