Comment on Docker vs Podman, which one to choose for a beginner and why ?

<- View Parent
IAm_A_Complete_Idiot@sh.itjust.works ⁨1⁩ ⁨year⁩ ago

The point is to minimize privilege to the least possible - not to make it impossible to create higher privileged containers. If a container doesn’t need to get direct raw hardware access, manage low ports on the host network, etc. then why should I give it root and let it be able to do those things? Mapping it to a user, controlling what resources it has access to, and restricting it’s capabilities means that in the event that my container gets compromised, my entire host isn’t necessarily screwed.

source
Sort:hotnewtop