Y
Hacker News
new
|
ask
|
show
|
jobs
by
dylanvee
4869 days ago
Container-based virtualization is already here, but without user namespaces root privilege in the container implies root privilege in the host. That's no longer the case; interesting times indeed.
1 comments
DASD
4869 days ago
Makes me wonder(or maybe I don't want to know) how Heroku has managed this until now? Only unprivileged users?
link
dylanvee
4869 days ago
I don't remember specifically, but that'd be my guess. Non-root users in containers have been fine for a while now.
link