2119 shaares
901 private links
901 private links
Rootless containers refers to the ability for an unprivileged user to create, run and otherwise manage containers. This term also includes the variety of tooling around containers that can also be run as an unprivileged user.
“Unprivileged user” in this context refers to a user who does not have any administrative rights, and is “not in the good graces of the administrator” (in other words, they do not have the ability to ask for more privileges to be granted to them, or for software packages to be installed).
Pros:
Can mitigate potential container-breakout vulnerabilities (Not a panacea, of course) Friendly to shared machines, especially in HPC environments
Cons:
Complexity