Hello,
I’m running rootless Podman in an LXC container using the following config:
security.nesting: "true"
security.syscalls.intercept.mknod: "true"
security.syscalls.intercept.setxattr: "true"
From my understanding this does not make the LXC container privileged, is there still a way to break out of it?