> [...] that root was just my unprivileged podman user on the host
Couldn't you then simply re-run the exploit again as unprivileged podman user and gain root on the host?
> [...] that root was just my unprivileged podman user on the host
Couldn't you then simply re-run the exploit again as unprivileged podman user and gain root on the host?
No, because you're still in the container, and there's no route to the host's root from there.
If you can orchestrate a container escape from the container's "root", then you're on to something.
did anyone try it? it suppose to work right?