You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
Yes. I would like Kasm to move away from Docker altogether and exclusively support Podman as the container backend. While Docker is workable for compliance and security when configured properly, Podman’s rootless, daemonless approach reduces the complexity and risk of misconfiguration (like running it as root and not rootless), providing a simpler and more inherently secure foundation for containerized environments.
Describe the solution you'd like
Ditch Docker and use Podman: Completely transition Kasm to use Podman.
Rootless by Default: Embrace Podman’s rootless model to lower the risks tied to privilege escalations.
Describe alternatives you've considered
Continuing with Docker: While still viable, Docker introduces additional layers of complexity, such as reliance on a daemon and a higher risk from root-level operations.
Supporting Both Docker and Podman: This might split the focus and maintenance effort, potentially slowing down improvements and security enhancements.
Additional context
By implementing Podman, Kasm can provide a more robust, security-focused containerization platform for organizations/and self host users. Rootless Podman helps mitigate the impact of misconfigurations and reduces the overall attack surface, aligning with the trend toward zero-trust, compliance-centric deployments.
The text was updated successfully, but these errors were encountered:
Is your feature request related to a problem? Please describe.
Yes. I would like Kasm to move away from Docker altogether and exclusively support Podman as the container backend. While Docker is workable for compliance and security when configured properly, Podman’s rootless, daemonless approach reduces the complexity and risk of misconfiguration (like running it as root and not rootless), providing a simpler and more inherently secure foundation for containerized environments.
Describe the solution you'd like
Ditch Docker and use Podman: Completely transition Kasm to use Podman.
Rootless by Default: Embrace Podman’s rootless model to lower the risks tied to privilege escalations.
Describe alternatives you've considered
Continuing with Docker: While still viable, Docker introduces additional layers of complexity, such as reliance on a daemon and a higher risk from root-level operations.
Supporting Both Docker and Podman: This might split the focus and maintenance effort, potentially slowing down improvements and security enhancements.
Additional context
By implementing Podman, Kasm can provide a more robust, security-focused containerization platform for organizations/and self host users. Rootless Podman helps mitigate the impact of misconfigurations and reduces the overall attack surface, aligning with the trend toward zero-trust, compliance-centric deployments.
The text was updated successfully, but these errors were encountered: