Hacker News
by AkihiroSuda 884 days ago
> Podman is designed to help with this by providing stronger default security settings compared to Docker. Features like rootless containers, user namespaces, and seccomp profiles, while available in Docker, aren't enabled by default and often require extra setup.

Seccomp has been enabled by default since 2015: https://github.com/moby/moby/pull/18780

It is true that Rootless isn't enabled by default, but its "extra setup" can be done with a single command (`dockerd-rootless-setuptool.sh install`).
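
Added example, not part of the comment above and not Docker's own code: a check of both points on a given host, reading the daemon's `SecurityOptions` list and the kernel's per-process `Seccomp:` field. It assumes the `name=seccomp,profile=...` and `name=rootless` entry format printed by `docker info`; the function names and the sample string are constructed for illustration.

```shell
#!/bin/sh
# Usage: sh check.sh "$(docker info --format '{{json .SecurityOptions}}')"
# With no argument, a constructed sample is used so the script runs offline.

# Split the JSON array into one "name=..." entry per line.
# Splitting on the quote character keeps "name=seccomp,profile=builtin" whole.
security_opts_lines() {
    printf '%s' "$1" | tr '"' '\n' | grep '^name='
}

# Print the daemon's seccomp profile, or "disabled" if no seccomp entry exists.
seccomp_profile() {
    entry=$(security_opts_lines "$1" | grep '^name=seccomp' | head -n 1)
    [ -n "$entry" ] || { echo disabled; return 0; }
    case "$entry" in
        *profile=*) echo "${entry##*profile=}" ;;
        *)          echo enabled ;;
    esac
}

# Succeed only if the daemon reports rootless mode.
is_rootless() {
    security_opts_lines "$1" | grep -q '^name=rootless$'
}

# Map the "Seccomp:" field of /proc/<pid>/status text to its kernel meaning.
# The daemon default can be overridden per container, so check the process too.
seccomp_mode() {
    case "$(printf '%s\n' "$1" | awk '$1 == "Seccomp:" { print $2 }')" in
        0) echo disabled ;;
        1) echo strict ;;
        2) echo filter ;;
        *) echo unknown ;;
    esac
}

# Constructed sample of the docker info output (not captured from a real host).
SAMPLE_OPTS='["name=apparmor","name=seccomp,profile=builtin","name=cgroupns"]'
opts=${1:-$SAMPLE_OPTS}

echo "daemon seccomp profile: $(seccomp_profile "$opts")"
if is_rootless "$opts"; then echo "rootless: yes"; else echo "rootless: no"; fi
# Inside a container, this shows whether a filter is really applied to the process.
[ -r /proc/self/status ] && echo "this process: $(seccomp_mode "$(cat /proc/self/status)")"
```

Running the last check inside a container reports `filter` when a seccomp profile is applied and `disabled` when the container was started without one.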