10 Apr
2021
10 Apr
'21
08:04
On 4/10/21 1:07 PM, Attila Pinter wrote:
I'm very happy to see work going into this. SELinux would improve a lot on security especially when it comes to containerization. It is crazy simple to break out of a Podman container if it is secured by AppArmor.
Could you please provide some links with more information?
BTW: It should not be possible to break out from a podman container even without using SELinux or AppArmor. If it is "crazy simple to break out of a Podman container" then podman is not the right tool for anything serious before podman's devs did their homework.
Ciao, Michael.