Podman rootless containers and the Copy Fail exploit

ggpsv·Hacker News·Community·

AboutMicroblogPodman rootless containers and the Copy Fail exploitMay 4, 2026ContentsAn overview of rootless containersRootless rootfulUser namespacesPrivileged operationsRootless non-rootBind mountsCopy FailRootless rootfulRootless non-rootRootless non-root while disabling new privilegesRootless non-root while dropping capabilitiesThe exploit persistsDefence in depthRead-only imagesResource constraintsLimit available binariesFirewallingConclusionFurther readingOn April 29th CVE-2026-31431 was p

Read full article →

Related Articles

An OpenAI model has disproved a central conjecture in discrete geometry
tedsanders · Hacker News · 20h ago
GitHub confirms breach of 3,800 repos via malicious VSCode extension
Timofeibu · Hacker News · 1d ago
Show HN: Rmux – A programmable terminal multiplexer with a Playwright-style SDK
shideneyu · Hacker News · 6h ago
Incident Report: May 19, 2026 – GCP Account Suspension
0xedb · Hacker News · 1d ago
Not alive, but not dead: disembodied human brains used for drug testing
Timofeibu · Hacker News · 19h ago