Podman rootless containers and the Copy Fail exploit

ggpsv·Hacker News·community·

AboutMicroblogPodman rootless containers and the Copy Fail exploitMay 4, 2026ContentsAn overview of rootless containersRootless rootfulUser namespacesPrivileged operationsRootless non-rootBind mountsCopy FailRootless rootfulRootless non-rootRootless non-root while disabling new privilegesRootless non-root while dropping capabilitiesThe exploit persistsDefence in depthRead-only imagesResource constraintsLimit available binariesFirewallingConclusionFurther readingOn April 29th CVE-2026-31431 was p

Read full article →

Related Articles

Dirtyfrag: Universal Linux LPE
flipped · Hacker News · 1d ago
A web page that shows you everything the browser told it without asking
mwheelz · Hacker News · 13h ago
DeepSeek 4 Flash local inference engine for Metal
tamnd · Hacker News · 1d ago
An Introduction to Meshtastic
ColinWright · Hacker News · 14h ago
Natural Language Autoencoders: Turning Claude's Thoughts into Text
instagraham · Hacker News · 1d ago