From what I have seen, rootless podman seems to take more effort (even if marginal) than rootful one. I want to make a more informed decision for the containers, so I would like to ask.
- What is a rootless podman good for? How much does it help in terms of security, and does it have other benefits?
- One of the benefits commonly mentioned is for when container is breached. Then, running container on sudo-capable user would give no security benefits. Does it mean I should run podman services on a non-privileged user?
Thank you!
One of the main advantage of podman is that, it respects the firewall rules. Docker don’t do that. Also having rootless podman means if somehow the container went rogue, it cannot have access to your root directory and perform malicious actions.
Also podman is a drop in replacement for docker. It does not need much configurations to setup. If you need compose, you might need to install podman-compose as well.
How would a rogue container be able to access the root directory of the host? Wouldn’t it just be able to access the data on the docker volumes? Thank you.
In an ideal world, sure, but all software has bugs (example vulnerabilities here). Proper security design doesn’t ask “how can X happen?” but “what if X happens?” If you break out of a docker container, you have root access to the system because the docker daemon runs as root.
With podman, there is no root docker daemon, so you’d also need privilege escalation in addition to breaking out of the container.