
Non-root containers, Kubernetes CVE-2019-11245 and why you should care - zelivans
https://www.twistlock.com/labs-blog/non-root-containers-kubernetes-cve-2019-11245-care/
======
westurner
> _At the same time, all the current implementations of rootless containers
> rely on user namespaces at their core. Not to be confused with what is
> referred to as non-root containers in this article, rootless containers are
> containers that can be run and managed by unprivileged users on the host.
> While Docker and other runtimes require a daemon running as root, rootless
> containers can be run by any user without additional capabilities._

non-root / rootless

