Hacker News
by ripped_britches 141 days ago
Why is it a problem to use containers?
1 comments

Every syscall on containers runs on the kernel with full privileges, so if needed one can break out of the container and get access to the host.
> with full privs

No, that’s just a misconfigured container then.

Unless there is an exploit on an unpatched kernel bug, a properly configured container shouldn’t allow break out.