mirror of
https://github.com/containers/podman.git
synced 2025-12-05 12:52:12 +08:00
4fbc4b8f79
An easy one. Went with the version from podman-run. Signed-off-by: Ed Santiago <santiago@redhat.com>
15 lines
711 B
Markdown
15 lines
711 B
Markdown
#### **--privileged**
|
|
|
|
Give extended privileges to this container. The default is **false**.
|
|
|
|
By default, Podman containers are unprivileged (**=false**) and cannot, for
|
|
example, modify parts of the operating system. This is because by default a
|
|
container is only allowed limited access to devices. A "privileged" container
|
|
is given the same access to devices as the user launching the container.
|
|
|
|
A privileged container turns off the security features that isolate the
|
|
container from the host. Dropped Capabilities, limited devices, read-only mount
|
|
points, Apparmor/SELinux separation, and Seccomp filters are all disabled.
|
|
|
|
Rootless containers cannot have more privileges than the account that launched them.
|