by ipdashc
915 days ago
You're totally right, but the part that annoys me is that articles like this one (and this sounds overly hostile, I don't intend that, but I'm not sure how else to phrase it) kind of pollute the topic of container security. I described it above, but I have this huge pet peeve where I hear "containers are insecure and trivial to break out of" and then when I go to look up examples of container breakouts, all I find is stuff like this; how to break through a wall that had a gaping, intentional hole left in it. It feels like "breaking out of vanilla containers" and "breaking out of misconfigured containers" are two different topics, two different threat models. And while the second absolutely matters in the real world, the really scary stuff is obviously the first (and usually involves 0-days, kernel exploits, etc?). But people seem to talk less about the first.