Comment on Security and docker

Lemongrab@lemmy.one 6 months ago

That is not how security works. You must protect against known and unknown attack vectors. I am only pointing out weaknesses of Docker and other Linux containers that share the kernel with the host and/or run as root. I’m not saying anything original or crazy; just read up on the security of these technologies and their limits. I am not a malware designer, I am a security researcher.

Look into gVisor and Kata Containers for info on how to improve the security of containers.

Here are some readings for you:

…tux.pizza/…/help_can_i_safely_run_malware_inside…
csoonline.com/…/vulnerabilities-in-docker-other-c…
www.panoptica.app/…/7-ways-to-escape-a-container
blog.trailofbits.com/…/understanding-docker-conta…
securityweek.com/leaky-vessels-container-escape-v…
cybereason.com/…/container-escape-all-you-need-is…
