Microsoft's open source tools were hacked to steal passwords of AI developers

[pritambaral]

> https://github.com/ashishb/amazing-sandbox

Does your Docker backend run commands in rootless containers? I skimmed the code but didn't see anything to confirm this.

[ashishb]

Right now, not. Eventually, they will.

You can pass your favorite rootless Docker image using `--custom-docker-image` CLI parameter.

[pritambaral]

I hope you see the (IMO, obvious) problem.

1. Docker (or any Linux container runtime, for that matter) is not intended for, designed for, or effective as a security boundary. 2. Root containers run as root on the host. The "sandboxed" processes have full capabilities, as far as the kernel is concerned with them.