Docker is not rootless. Is only safe as long as the container (or those web devs) doesn’t use nsenter or anything similar to get root access outside of it ;)
It’s not a question of being a geek, but securing your entire supply chain. If you don’t already vet container image layers and cosigning said containers, chances are you’re already in risky rivers all the same.
In essence the rooted mode was never that big of a risk when compared to the actual runtimes. Certain attacks don’t even care about being in a user container if it deals with breaking the kernel itself, even with SELinux and AppArmor taken into account.
Rootless containers aren’t a magic bullet as a result. The only thing that you should concern yourself with is what you’re pushing to prod, how you layer your images and cosigning so that you can source… every mess… to every desk jockey junior…
Docker is not rootless. Is only safe as long as the container (or those web devs) doesn’t use
nsenteror anything similar to get root access outside of it ;)Wrong again, though it is a fairly recent feature and as an answer to Podman and to meet OCI standards.
Ah, my bad “again”… should have mentioned that there’s the advance configuration option that 1% of the geeks do
It’s not a question of being a geek, but securing your entire supply chain. If you don’t already vet container image layers and cosigning said containers, chances are you’re already in risky rivers all the same.
In essence the rooted mode was never that big of a risk when compared to the actual runtimes. Certain attacks don’t even care about being in a user container if it deals with breaking the kernel itself, even with SELinux and AppArmor taken into account.
Rootless containers aren’t a magic bullet as a result. The only thing that you should concern yourself with is what you’re pushing to prod, how you layer your images and cosigning so that you can source… every mess… to every desk jockey junior…
You…
Do not…
Mess with my infra.