More

grimblee · 2026-05-05T15:33:05 1777995185

If I understand correctly, rootfull podman with --userns=auto would also prevent the privilege escalation ?

angry_octet · 2026-05-05T23:49:45 1778024985

No it wouldn't. The exploit is not impacted by namespaces.

cpach · 2026-05-05T15:34:36 1777995276

grimblee · 2026-05-05T20:20:02 1778012402

--userns=auto asign a different namespace for each container, so if you escape it you get a random uid far far away from root it also protects other containers from the compromise since they each have their own namespace and uid/gid range, the drawback though is that you can't mount shared volume unless you use a pod, since you would see files from outside your uid/gid range as owned by nobody and inaccessible.

cpach · 2026-05-05T20:32:18 1778013138

That might make Copy Fail harder to exploit, but I still wouldn’t bet money on CF being impossible to use in that scenario.

grimblee · 2026-05-05T21:50:16 1778017816

Since in --userns=auto, root inside the container gets assigned to the first uid of the uid range assigned by podman, copyfail would succeed but you'd get uid 647831 and be able to do nothing with it

grimblee · 2026-03-29T06:40:06 1774766406

Fuck big tech, I'm fine with using Mistral

grimblee · 2026-03-09T19:26:53 1773084413

Go ask kids forced to work for years in cocoa plants or coltan mins in africa what they think of your little explaination

akramachamarei · 2026-03-10T04:17:25 1773116245

Is this supposed to be ... a gotcha? If slavery is involved, it's not capitalism, by definition. Distance attenuates all signals, so each transaction step may somewhat smear or smudge such a stain. Really not clear at all what you're getting at.

grimblee · 2026-03-04T08:55:24 1772614524

I am pretty sure they know our identity pretty accurately already, through browser fingerprinting and google's gmail data, my real concern is the half-assed security measure with our id cards. The persona breach just recently proved they cannot be trusted and this expose us to identity fraud/theft.

grimblee · 2026-01-14T19:31:17 1768419077

A tolerant society cannot tolerate intolerence, lest it gets destroyed by it.

You cannot give anything to fascists, we know what they do, history is there, they didn't change, they're doing exactly the same thing.

grimblee · 2026-01-14T19:28:48 1768418928

I read that during the irish occupation, irish policemen (so, working for the british governement) were rejected and isolated socially, treated as traitors to their people.

Which led them to eventually refuse to continue oppressing their people for money, the revolution, independance, all that.

I kinda see connections, don't you ?

grimblee · 2026-01-14T19:24:31 1768418671

Did you know the early nazis where actually impressed by america's segregation and racism and lamented they couldn't easily do the same? Well, they kinda did in the end.

grimblee · 2026-01-13T05:10:43 1768281043

White men are the most privileged and protected class oh prople in the accident, all this is bullshit.

You have no idea what people outside of it are saying because you don't talk to them, you've just been endoctrined by the media playing on your fears of the unknown and of losing some of those privileges.

But the thing is, the most privilegied losing privileges isn't something horrible, it's simple justice, restoring the balance.

grimblee · 2026-01-13T05:12:12 1768281132

Class of people in the occident*

grimblee · 2025-12-29T12:05:01 1767009901

Well, I've never used linkedin outside of job hunts, and for that it was useful.

The social media part seems trash tier and I want no part of it though.

grimblee · 2025-12-26T10:36:35 1766745395

A tolerant society cannot tolerate intolerance, lest it gets destroyed by it.

Free speech ends where hatred starts.