I almost never had to run a privileged container, and I avoid it whenever possib... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

the_duke on Oct 10, 2018 | parent | context | favorite | on: Flatpak – a security nightmare

I almost never had to run a privileged container, and I avoid it whenever possible.

As far as I have seen, privileged container use is rare. What lead you to the assumption that it isn't?

cyphar on Oct 10, 2018 [–]

It should also be noted that bind-mounting docker.sock is equivalent (or much worse -- it's easier to exploit at least) to using privileged containers, and an exceptionally large number of people do this (you see it in many blog posts and project installation scripts).

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact