podman

History

Daniel J Walsh 80c0fceb24 Add support for --userns=nomap From a security point of view, it would be nice to be able to map a rootless usernamespace that does not use your own UID within the container. This would add protection against a hostile process escapping the container and reading content in your homedir. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>	2022-04-21 15:29:04 -04:00
..
namespaces.go	Add support for --userns=nomap	2022-04-21 15:29:04 -04:00

From a security point of view, it would be nice to be able to map a
rootless usernamespace that does not use your own UID within the
container.

This would add protection against a hostile process escapping the
container and reading content in your homedir.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

2022-04-21 15:29:04 -04:00

namespaces.go

Add support for --userns=nomap

2022-04-21 15:29:04 -04:00