• hottari@lemmy.ml
    link
    fedilink
    English
    arrow-up
    0
    arrow-down
    1
    ·
    2 years ago

    You don’t know enough about security to lecture me. The kernel has before/continues to suffer(ed) from successful root shell exploits, particularly in this case via unprivileged userns. Something podman or even rootless docker can’t do anything about.

    • BlueBockser@programming.dev
      link
      fedilink
      English
      arrow-up
      0
      ·
      2 years ago

      Funny how you claim to know so much about security but can’t even seem to comprehend my comment. I know root shell exploits exist, that’s why I wrote that it takes additional time to get root access, not that it’s impossible. And that’s still a security improvement because it’s an additional hurdle for the adversary.

      • apigban@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        1
        ·
        2 years ago

        the person you are replying to either lacks comprehension or maybe just wants to be argumentative and doesn’t want to comprehend.