[adriangrigore]

Why escape?

[c0pium]

You are being downvoted right now, but this is a great point. If you have execution control in someone’s container, use the containers existing secrets to achieve your goals. I don’t need to escape your web apps container to steal all of the contents of the backend database.

[Rygian]

But if you do escape the container, then you have plenty other containers to peek into. Which is juicier than "just one."

[c0pium]

Maybe. It’s also increasing the likelihood that security will get a detection though, which might or might not be worth it depending on my goals.

[heyoni]

All those processes living in our containers are going to want the red pill eventually. Haven’t you seen the matrix?

But seriously though, it’s so you can write exploits or satisfy that curious itch when working with a cloud service.