|
|
|
|
|
|
by thiht
1047 days ago
|
|
|
> That being said, I don't personally see any security value added or removed by an installer process needing to elevate privileges. That's a one-time thing and likely should require admin privileges Where I worked before we didn’t have root access on our laptops, so we couldn’t install Docker. I’ve switched company since, but my former coworkers were able to install Podman (not Podman Desktop) without root access. |
|
|
Although, I would say we have definitely strayed far away from the typical definition/security benefits of "rootless" container runtimes. Usually the rootless container threat model accounts for containers or access to the runtime being weaponized -- it's not usually IT preventing you from installing apps. :)
Still, thanks for indulging this conversation.
(Also, I thought the only way to run Podman containers locally on MacOS was Podman Desktop -- has that changed recently?)