Hello Tianon,

>I'd describe the "--privileged" flag you're using in this context as
>"please, Docker, remove ALL security/isolation"

this is certainly NOT something that comes across. I got the impression
that it merely allows some more things *inside* the chroot.

>You very, very certainly want a more specific set of "--cap-add" and

Yes, probably, but it doesn’t make it easy for me to know how/which.

>"--device" flags if you want even a semblance of security in your
>deployment.

I don’t *have* a “deployment”. I need to run some commands inside
some random container, that’s all.

Thanks,
//mirabilos
-- 
15:41⎜<Lo-lan-do:#fusionforge> Somebody write a testsuite for helloworld :-)
