by gnfurlong
1482 days ago
The parent comment is still talking about rootless podman (and really just user namespaces). Root in the container is absolutely mapped to the user executing podman outside the container. If it mapped to root outside the container, you could just use podman to create setuid scripts owned by root for very trivial privilege escalation.