@x_cli One question about the proper use of containers (*not* VM, only containers). Is it reasonable to give root access in a container to someone who is not root on the host? I always thought the answer was No and this is how I manage containers. The report mention "public cloud service". Are there services where tenants have root access to a container?
Do you know about user namespaces? Their root is not privileged in their parent user namespace (if there is UID/GID mapping).
A Mastodon instance for info/cyber security-minded people.