CopyFail: From Pod to Host
30 points | 18 hours ago | 3 comments | xint.io | HN
exceptione
1 hour ago
FYI: I had tried this exploit with rootless podman containers to write to read-only mounts, but the exploit failed. I am not sure if the default container runtime in Podman is resistant against these attacks or if it assumes Docker running containers with higher privileges, but at least it was a pleasant observation. (kernel 6.18)
AlfieJones
1 hour ago
It feels like AI is speeding up bug discovery faster than security can keep up. Curious if this is temporary or just the new normal.
bbmp
53 minutes ago
It's only getting worse now that AI is also writing bugs faster than humans
louwrentius
1 hour ago
Maybe I’m missing something, but because of this kind of risk, an old-fashioned virtual machine feels like a more robust security boundary.