containers
/
podman
mirror of https://github.com/containers/podman.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
podman/pkg
History
Daniel J Walsh 80c0fceb24
Add support for --userns=nomap 
From a security point of view, it would be nice to be able to map a
rootless usernamespace that does not use your own UID within the
container.

This would add protection against a hostile process escapping the
container and reading content in your homedir.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 		2022-04-21 15:29:04 -04:00
..
annotations fix a number of `godot` issues 2022-03-22 13:04:35 +01:00
api Merge pull request #13505 from rst0git/checkpoint-image-1 2022-04-21 11:58:56 -04:00
auth Run codespell on code 2022-01-21 09:52:12 -05:00
autoupdate bump go module to version 4 2022-01-18 12:47:07 +01:00
bindings Add support for checkpoint image 2022-04-20 18:55:39 +01:00
channel channel: simplify implementation 2021-05-06 11:51:15 +02:00
checkpoint Add support for checkpoint image 2022-04-20 18:55:39 +01:00
copy bump go module to version 4 2022-01-18 12:47:07 +01:00
criu Add support for checkpoint image 2022-04-20 18:55:39 +01:00
ctime go fmt: use go 1.18 conditional-build syntax 2022-03-18 09:11:53 +01:00
domain Add support for --userns=nomap 2022-04-21 15:29:04 -04:00
env linter: enable makezero 2022-03-22 13:04:35 +01:00
errorhandling linter: enable nilerr 2022-03-22 13:04:35 +01:00
hooks bump go module to version 4 2022-01-18 12:47:07 +01:00
inspect fix a number of `godot` issues 2022-03-22 13:04:35 +01:00
k8s.io Run codespell to cleanup typos 2022-03-25 15:34:41 -04:00
kubeutils remove unneeded k8s code 2022-03-15 14:48:08 +01:00
lookup fix a number of `godot` issues 2022-03-22 13:04:35 +01:00
machine Respect "Rootful" when starting WSL API Forwarding 2022-04-15 00:14:49 -05:00
namespaces Add support for --userns=nomap 2022-04-21 15:29:04 -04:00
parallel bump go module to version 4 2022-01-18 12:47:07 +01:00
ps bump go module to version 4 2022-01-18 12:47:07 +01:00
resolvconf Revert "Move each search dns to its own line" 2022-02-02 19:33:21 +01:00
rootless If newuidmap or newgidmap fail, then check their permissions 2022-04-08 10:52:08 -04:00
rootlessport go fmt: use go 1.18 conditional-build syntax 2022-03-18 09:11:53 +01:00
seccomp Spelling 2020-12-22 13:34:31 -05:00
selinux Fix SELinux functions names to not be repetitive 2020-04-23 15:57:34 -04:00
servicereaper go fmt: use go 1.18 conditional-build syntax 2022-03-18 09:11:53 +01:00
signal fix a number of `godot` issues 2022-03-22 13:04:35 +01:00
specgen Add support for --userns=nomap 2022-04-21 15:29:04 -04:00
specgenutil Translate Memory Limit to Swap in API 2022-04-18 15:38:24 -04:00
systemd Pretty print systemd services file 2022-04-12 06:02:48 -04:00
terminal fix a number of `godot` issues 2022-03-22 13:04:35 +01:00
timetype make lint: enable gocritic 2020-01-13 14:27:02 +01:00
trust Cleanup display of trust with transports 2022-02-22 15:08:58 -05:00
util Add support for --userns=nomap 2022-04-21 15:29:04 -04:00