I’m new to the container world. Does it have any security benefits when I run my applications as a non-root user in a docker container? And how about Podman? There I’ll run the container as an unprivileged user anyway. Would changing the user in the container achieve anything?
OK :)
So chroot has not been used to isolate processes for decades to a confined view of the filesystem (especially in combo with a restricted shell), and for example the networking namespace is not used to limit the impact on a compromise on the firewall, the user namespace is not used to allow privileged processes to run de-facto unprivileged.
Whatever you say