container features deployment limited to root

alexskysilk

Distinguished Member
Oct 16, 2015
2,347
638
183
Chatsworth, CA
www.skysilk.com
I have recently began deployment of nested containers following an orderly upgrade to 5.3, when I noticed that only a root user may actually flag the features. What is the rationale for this limitation? What are the implications of setting these flags I'm not considering?
 
What is the rationale for this limitation?

Security. A normal container should not have permissions to do all those things, as this can severely damage the host system (if a bad/untrusted user inside the container tries to hack you).