Podman rootless containers and the Copy Fail exploit

·Hacker News··

AboutMicroblogPodman rootless containers and the Copy Fail exploitMay 4, 2026ContentsAn overview of rootless containersRootless rootfulUser namespacesPrivileged operationsRootless non-rootBind mountsCopy FailRootless rootfulRootless non-rootRootless non-root while disabling new privilegesRootless non-root while dropping capabilitiesThe exploit persistsDefence in depthRead-only imagesResource constraintsLimit available binariesFirewallingConclusionFurther readingOn April 29th CVE-2026-31431 was p

Read full article →

Related Articles

“Beyond the limit”: Satellites and mirrors in space pose threat to the night sky
Breadmaker · Hacker News · 1d ago
GPT-5.5 Codex reasoning-token clustering may be leading to degraded performance
maille · Hacker News · 19h ago
Potential session/cache leakage between workspace instances or consumer accounts
chatmasta · Hacker News · 1d ago
EV Batteries Are Defying Expectations After Miles
apparent · Hacker News · 10h ago
Show HN: KiCad in the Browser
ViktorEE · Hacker News · 5h ago