(no title)

As far as my understanding goes containers per se are no security mechanism. Rootless containers are as good as rootless processes with chroot.

So this comment resonates with my understanding.

My feeling is that containers give you more possibilities to introduce security holes if you aren't diligent.