Even better if it can be run on Podman, since you won’t need a potential root access and hook to set up the containers in the first place, and UID mapping on podman rootless will pretty much guarantee that the user IDs the process gets are not mapped to any real user in your system.
Even better if it can be run on Podman, since you won’t need a potential root access and hook to set up the containers in the first place, and UID mapping on podman rootless will pretty much guarantee that the user IDs the process gets are not mapped to any real user in your system.